General

  • Target

    820fcad3d970954972fcaf48d71d0bd158d08a1c82f97613fd2eace760e3513cN.exe

  • Size

    135KB

  • Sample

    241113-3x3jka1hnr

  • MD5

    136f598b8333f4a6b294eed1a10cdcd0

  • SHA1

    a2d53e53284665146f8d0d3d5497e98f8bc275ba

  • SHA256

    820fcad3d970954972fcaf48d71d0bd158d08a1c82f97613fd2eace760e3513c

  • SHA512

    8ec39b26a517f5bf416bfa52f8479312f257732b58b01b69beaef416d6655ea88fb7fdf076d2473bcd4b11a886e4bfa75a0a8baec996ed7a113a2e77d2d84d49

  • SSDEEP

    1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SOW:YfU/WF6QMauSuiWNi9eNOl0007NZIOW

Malware Config

Targets

    • Target

      820fcad3d970954972fcaf48d71d0bd158d08a1c82f97613fd2eace760e3513cN.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks