General

  • Target

    f433583b8b05b7435a7035edf72dfdc47570b35183aed304abc69b4bab3d4b1c

  • Size

    58KB

  • Sample

    241113-esjnwswerq

  • MD5

    2ea91f68fbfe853ddb3b45251e851651

  • SHA1

    c967abb670789905fc110e11629e210e005eb65e

  • SHA256

    f433583b8b05b7435a7035edf72dfdc47570b35183aed304abc69b4bab3d4b1c

  • SHA512

    8a4b742e4ecfdaed98982b7b73d8b8548653339a63f8999b814eb97728eb20ae8a94d291a3c5cc51ffb64a6070b87281f84ebff2f6179ea47f505ea3321fb5a9

  • SSDEEP

    1536:mvQoLHjw2iWPKMvw71vLyXfUUmPnouy8rgV:mv5Ls27BIJvLyXMUGoutsV

Malware Config

Targets

    • Target

      f433583b8b05b7435a7035edf72dfdc47570b35183aed304abc69b4bab3d4b1c

    • Size

      58KB

    • MD5

      2ea91f68fbfe853ddb3b45251e851651

    • SHA1

      c967abb670789905fc110e11629e210e005eb65e

    • SHA256

      f433583b8b05b7435a7035edf72dfdc47570b35183aed304abc69b4bab3d4b1c

    • SHA512

      8a4b742e4ecfdaed98982b7b73d8b8548653339a63f8999b814eb97728eb20ae8a94d291a3c5cc51ffb64a6070b87281f84ebff2f6179ea47f505ea3321fb5a9

    • SSDEEP

      1536:mvQoLHjw2iWPKMvw71vLyXfUUmPnouy8rgV:mv5Ls27BIJvLyXMUGoutsV

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks