General
Target
596f12177bb638d922d31ab591f167f0d8f9deab5ab89a15e2669e9062233b0bN.exe
Size
112KB
Sample
241113-kmcahsydpc
MD5
885a4d0a60f68412e4997980b62a1270
SHA1
100cb3d82630f53a52a6db02d852c71c836f18db
SHA256
596f12177bb638d922d31ab591f167f0d8f9deab5ab89a15e2669e9062233b0b
SHA512
19e278c43b4f14b02eaa1747e58884337702fb9852457f6ed923143e9de33477ea8727e2f48e405e1012560797f1f6ed36f095528954a31bf99cd65043fb20c9
SSDEEP
3072:7yNxHEllJlfkX9kXWqgkXAkXAkXAkXtkX8kXQkXhkXIkX/kXdkX+kXmkXJkXMkXY:7yNxHQkX9kXWqgkXAkXAkXAkXtkX8kXl
Static task
static1
Behavioral task
behavioral1
Sample
596f12177bb638d922d31ab591f167f0d8f9deab5ab89a15e2669e9062233b0bN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
596f12177bb638d922d31ab591f167f0d8f9deab5ab89a15e2669e9062233b0bN.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score
10/10

Modifies visibility of hidden/system files in Explorer

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2