General

  • Target

    79e00dbeb7ae3fbddbf31dc3f3682230278bbadd0625fa69879fcc473fefe9fa

  • Size

    97KB

  • Sample

    241112-3r1g1ssmbw

  • MD5

    d3bc832f3fcfe87cbfdc3121b6b17892

  • SHA1

    161a722bd4e00d7baabaf215690e35fedbb1937a

  • SHA256

    79e00dbeb7ae3fbddbf31dc3f3682230278bbadd0625fa69879fcc473fefe9fa

  • SHA512

    879e2ca7dbc82b90771aed98eb75118763e7a3343a83ffc488f2b2e508de0d94b58763267ce79008c606fd0477e728bffc5c38e4db097afa658ebda0bd181210

  • SSDEEP

    1536:p7u6cOLK7hNIMLrCiS4xUfXM3xvuoSB5qEftLhSnWQD+hpX71qCi7l:1eOLK7hNIMLrCiS4+PwRjY5xhEAXQCE

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks