General

  • Target

    2753f9871c2152b4093544fc1c784b0baed86571b48d4b6d0d90ef3bf6d053ee.exe

  • Size

    111KB

  • Sample

    241113-ffckgswhjr

  • MD5

    5e1060a06e83a1330542adad4f9b7c94

  • SHA1

    e7cfa1317a623af164b0acde95b052a010d14447

  • SHA256

    2753f9871c2152b4093544fc1c784b0baed86571b48d4b6d0d90ef3bf6d053ee

  • SHA512

    503d413129990afeda5c50af4d3ff15efcae58b404a7c7649b7fafb7a9cbc3bf078e7a20b2ab919014119ccd680a1ad1509d91b6df19dd4ba563f4b1b541d5a1

  • SSDEEP

    1536:ELNIW39SaZTbFARlq7jC1OZstZu0TSVEdUJWTWd18ff:ELlbZTZX3BAtTSVEdUJWTWd18ff

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15