General

  • Target

    1e4b47e56f35600bb87cbe59a085267b771ce9b7c7bd7d0c311fb8d8f723e250N

  • Size

    465KB

  • Sample

    241113-jvxqraxhnb

  • MD5

    58f318e448034ff8a92ccdf04c4a5e20

  • SHA1

    778eaccae22b0b7a32b33c24fa6b814f22a4136a

  • SHA256

    1e4b47e56f35600bb87cbe59a085267b771ce9b7c7bd7d0c311fb8d8f723e250

  • SHA512

    a19a6c0c2d4f5dd4f47008bd5c189b09897909d24bea46eab9f6ea85af226d00f5b303e643e0d489a980e057ddc6b55e2c4fc53d8a7fcd5cc9e347b9db7b259b

  • SSDEEP

    6144:mBapC9DUIYmO5Kv5Q7X/l/rYvkW1VxxfnzrV9UAH0ctkPfc92F8dLpIh9jil:5pQD+mO5KWy/zrVbt4fcY69U9jI

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v15

Tasks