General

  • Target

    581a5da18e77e9628dabe056ba4e854f7b4a96125f27091f009c31298cb1390eN.exe

  • Size

    135KB

  • Sample

    241113-hjaw6sxell

  • MD5

    27558fd6157955da26f509519b28cfc0

  • SHA1

    f737c57229632aaed467f984b213a2183e91f47c

  • SHA256

    581a5da18e77e9628dabe056ba4e854f7b4a96125f27091f009c31298cb1390e

  • SHA512

    e2335a638f4a271ce680e77e71cc848c25021576862af185781a7ea51d677bd6ce4bd594074960c9941aec413ba98a333aa0ee3d9516d9965af3fe831305ac4f

  • SSDEEP

    1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SOX:YfU/WF6QMauSuiWNi9eNOl0007NZIOX

Targets

    • Target

      581a5da18e77e9628dabe056ba4e854f7b4a96125f27091f009c31298cb1390eN.exe

    • Checks computer location settings

      Reads the country code configured in the registry, most likely as a geofence check on the victim's locale before the payload proceeds.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion (ATT&CK T1070.004)

      Adversaries may delete files left behind by their intrusion activity; consistent with the "Deletes itself" signature above.

    • UPX packed file

      Detects executables packed with UPX or a modified build of the open-source UPX packer; static signatures run against the on-disk file will not see the unpacked payload.
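A static check for the "UPX packed file" signature, as an added example (not code from this report or the sandbox vendor): it parses the PE section table, flags the UPX0/UPX1 section names that stock UPX writes, and falls back to the Shannon entropy of the largest section, which catches modified UPX builds that rename their sections but still carry a near-random compressed blob. The PE images are constructed inline as minimal stand-ins so the script runs offline; they are not the sample itself, and the 7.0 entropy threshold is an assumption.

```python
"""Static UPX triage: section names plus entropy of the largest section.
Added example; the PE images below are constructed, not the real sample."""
import math
import random
import struct


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; ~8.0 for compressed/encrypted data, low for code/strings."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def pe_sections(pe: bytes):
    """Yield (name, raw_bytes) for each section header in a PE image."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]
    table = coff + 20 + opt_size  # section table follows the optional header
    for i in range(num_sections):
        hdr = table + 40 * i      # IMAGE_SECTION_HEADER is 40 bytes
        name = pe[hdr:hdr + 8].rstrip(b"\0").decode("latin-1")
        raw_size, raw_ptr = struct.unpack_from("<II", pe, hdr + 16)
        yield name, pe[raw_ptr:raw_ptr + raw_size]


def upx_indicators(pe: bytes, entropy_threshold: float = 7.0) -> dict:
    """Report UPX-named sections and whether the largest section looks packed."""
    sections = list(pe_sections(pe))
    names = [n for n, _ in sections]
    upx_names = [n for n in names if n.upper().startswith("UPX")]
    largest = max(sections, key=lambda s: len(s[1]), default=("", b""))
    ent = shannon_entropy(largest[1])
    return {
        "sections": names,
        "upx_section_names": upx_names,
        "largest_section": largest[0],
        "largest_entropy": round(ent, 2),
        "likely_packed": bool(upx_names) or ent >= entropy_threshold,
    }


def build_test_pe(section_specs) -> bytes:
    """Constructed minimal PE: DOS stub, PE signature, COFF header with an
    empty optional header, one section header per (name, data) spec."""
    num = len(section_specs)
    e_lfanew = 0x40
    headers_len = e_lfanew + 4 + 20 + 40 * num
    raw_start = (headers_len + 0x1FF) & ~0x1FF   # 0x200 file alignment
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, num, 0, 0, 0, 0, 0x102)
    sect_hdrs, blobs, ptr = b"", b"", raw_start
    for name, data in section_specs:
        sect_hdrs += name.ljust(8, "\0").encode()
        sect_hdrs += struct.pack("<IIII", len(data), 0x1000, len(data), ptr)
        sect_hdrs += b"\0" * 16   # relocs/linenumbers/characteristics unused
        blobs += data
        ptr += len(data)
    image = dos + b"PE\0\0" + coff + sect_hdrs
    return image + b"\0" * (raw_start - len(image)) + blobs


# Constructed inputs: a pseudo-random blob stands in for compressed data.
_rng = random.Random(1)
PACKED_BLOB = bytes(_rng.getrandbits(8) for _ in range(4096))
UPX_LIKE = build_test_pe([("UPX0", b""), ("UPX1", PACKED_BLOB)])
RENAMED_PACKED = build_test_pe([(".text", b""), (".rdata", PACKED_BLOB)])
CLEAN = build_test_pe([(".text", b"\x90\xC3" * 1024), (".data", b"A" * 512)])

if __name__ == "__main__":
    for label, pe in (("upx", UPX_LIKE), ("renamed", RENAMED_PACKED), ("clean", CLEAN)):
        print(label, upx_indicators(pe))
```

Run it as-is to see the three verdicts; point `upx_indicators` at `open(path, "rb").read()` for a real file. Treat the entropy fallback as a hint, not proof: resource-heavy or encrypted-but-not-packed binaries also score high.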

MITRE ATT&CK Enterprise v15