General

  • Target

    385a7685a529b9901b25a2de66e7013796b5477756cf3d991530cb4b6c49ce20N.exe

  • Size

    94KB

  • Sample

    241113-ggzxvazmgl

  • MD5

    8005de108d481e8e04af4c83c47aee24

  • SHA1

    a9c5638436684d92f15380960b93125a562af64a

  • SHA256

    07a5f03b0302518df8f02b2cc355f7d3e6b39a8fe92469b3c546de72b7e3a0a7

  • SHA512

    a16d9426501a4bfe2419c9d6548c92e1e42ee6402514b311dac233886b4e6af813602f2e56700ea6b60b21bf7db61e11ea919d8fbcdd14d3be923ac317b9baf5

  • SSDEEP

    1536:PGYU/W2/HG6QMauSV3ixJHABLrmhH7i9CO+WHg7zRZICrWaGZh7r:PfU/WF6QMauSuiWNi9CO+WARJrWNZN

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.
