General

  • Target

    f9e8398ef93bdb3a1d9c2a7a413f55290cc4df999be2b82314c0133bcc75ca18

  • Size

    35KB

  • Sample

    241113-e17exsvphz

  • MD5

    f1bb8ae80176d0ad68b6f3a7258c0346

  • SHA1

    153c1a88e5989565223cf3fa331b7ef712397ab8

  • SHA256

    f9e8398ef93bdb3a1d9c2a7a413f55290cc4df999be2b82314c0133bcc75ca18

  • SHA512

    fac4d86bcfae2581e836e091d7347e054b79551ba85e179a35eac8ea14488ca9c009c4a34c70da643ad987aa8a6aa9e5429610b9cf650d301b9bc9e73d4e8c0a

  • SSDEEP

    384:EdR8iQLoFx1jW5sIiR5tGD4ZQgXFpOQGR9zos2clAKLHRN74u56/R9zZwu95:Er8X+GsHRGYZXOQ69zbjlAAX5e9zj

Targets

    • Target

      f9e8398ef93bdb3a1d9c2a7a413f55290cc4df999be2b82314c0133bcc75ca18

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.
