General

  • Target

    e372af570606d6deb99901e3d8904e1ebca21f5413405b32fe665c883a82bb51

  • Size

    135KB

  • Sample

    241113-d6plmawcrr

  • MD5

    05449a1370a7178f37f43346ad9b2242

  • SHA1

    546e2499d1e473b60e4b0897e0f674db64e0b014

  • SHA256

    e372af570606d6deb99901e3d8904e1ebca21f5413405b32fe665c883a82bb51

  • SHA512

    32c2e10211804f0d0af981c273743859023c47e5a2d4ec81121fe8308189b83cf0f33ee40cd19c1a06888ef04e169b1104c70f2059cdb29076b39f6cab793a6c

  • SSDEEP

    1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SOz:YfU/WF6QMauSuiWNi9eNOl0007NZIOz

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15