General

  • Target

    596f12177bb638d922d31ab591f167f0d8f9deab5ab89a15e2669e9062233b0bN.exe

  • Size

    112KB

  • Sample

    241113-kmcahsydpc

  • MD5

    885a4d0a60f68412e4997980b62a1270

  • SHA1

    100cb3d82630f53a52a6db02d852c71c836f18db

  • SHA256

    596f12177bb638d922d31ab591f167f0d8f9deab5ab89a15e2669e9062233b0b

  • SHA512

    19e278c43b4f14b02eaa1747e58884337702fb9852457f6ed923143e9de33477ea8727e2f48e405e1012560797f1f6ed36f095528954a31bf99cd65043fb20c9

  • SSDEEP

    3072:7yNxHEllJlfkX9kXWqgkXAkXAkXAkXtkX8kXQkXhkXIkX/kXdkX+kXmkXJkXMkXY:7yNxHQkX9kXWqgkXAkXAkXAkXtkX8kXl

Targets

    • Target

      596f12177bb638d922d31ab591f167f0d8f9deab5ab89a15e2669e9062233b0bN.exe

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
