General

  • Target

    d851b8e2f7605c10879b91401bc3f9259fc97dd82a9969bcea2c44b54359c60f

  • Size

    59KB

  • Sample

    241114-dp9v8stflp

  • MD5

    d7fcd4512239cf12109771ae5861c9f7

  • SHA1

    52a557449ef122a1b7c8c26212b3eb2531e30efc

  • SHA256

    d851b8e2f7605c10879b91401bc3f9259fc97dd82a9969bcea2c44b54359c60f

  • SHA512

    b83bbd68d98cc43fd41d2b1bcdba100b5aab864a0e50d46a12156951e7b925023abbc69dc3e8cd50a92fa69b6f847ced7551b2d4a40683993ca2f7259e3ff376

  • SSDEEP

    1536:3+ZgwRdiE8cO4p1xRjfTvSq5r3ZiIZ4nouy8uh1aQI:OeodiUO4p13b9HiIeoutuh1aQI

Malware Config

Targets

    • Target

      d851b8e2f7605c10879b91401bc3f9259fc97dd82a9969bcea2c44b54359c60f

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the UPX open-source packer.
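
The behavioural signatures above (the registry location lookup, self-deletion, dropped-EXE execution, dropped-DLL load and the Run key) are the sandbox's verdicts; the events behind them are not shown on this page. The following added example, which is not part of the report and not Triage's own code, implements equivalent detection logic over a constructed behaviour trace in an invented JSON-lines shape. The event names, PIDs, the dropped file names svc.exe and helper.dll, the `cmd /c ping ... & del` self-deletion pattern, and the registry paths treated as location settings (Control Panel\International\Geo and ...\Locale) are all assumptions made for the example, and the ATT&CK IDs are the standard ones for those techniques rather than anything taken from this page.

```python
import json
from typing import Dict, List

# Constructed trace in an invented JSON-lines shape; the sample path reuses the report's SHA-256 as a file name.
SAMPLE = r"C:\Users\user\Desktop\d851b8e2f7605c10879b91401bc3f9259fc97dd82a9969bcea2c44b54359c60f.exe"
DROP_EXE = r"C:\Users\user\AppData\Local\Temp\svc.exe"       # hypothetical dropped file names
DROP_DLL = r"C:\Users\user\AppData\Local\Temp\helper.dll"
TRACE = "\n".join(json.dumps(e) for e in [
    {"ev": "proc_create", "pid": 1100, "ppid": 900, "image": SAMPLE, "cmd": f'"{SAMPLE}"'},
    {"ev": "reg_read", "pid": 1100, "key": r"HKCU\Control Panel\International\Geo\Nation"},
    {"ev": "file_create", "pid": 1100, "path": DROP_EXE},
    {"ev": "file_create", "pid": 1100, "path": DROP_DLL},
    {"ev": "proc_create", "pid": 1200, "ppid": 1100, "image": DROP_EXE, "cmd": "svc.exe"},
    {"ev": "image_load", "pid": 1200, "path": DROP_DLL},
    {"ev": "reg_write", "pid": 1200, "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\svc", "data": DROP_EXE},
    {"ev": "proc_create", "pid": 1300, "ppid": 1100, "image": r"C:\Windows\System32\cmd.exe",
     "cmd": f'cmd.exe /c ping 127.0.0.1 -n 3 > nul & del "{SAMPLE}"'},
    {"ev": "file_delete", "pid": 1300, "path": SAMPLE},
])

# Registry paths assumed to back "Checks computer location settings" (assumption, not taken from the report).
LOCATION_KEYS = ("\\control panel\\international\\geo\\", "\\control panel\\international\\locale")
RUN_KEY = "\\currentversion\\run\\"
ATTACK = {"Adds Run key to start application": "T1547.001",   # Boot or Logon Autostart: Registry Run Keys
          "Deletes itself": "T1070.004",                       # Indicator Removal: File Deletion
          "Checks computer location settings": "T1614"}        # System Location Discovery


def analyse(trace: str) -> Dict[str, List[str]]:
    """Replay a behaviour trace and return {signature name: [evidence, ...]} for the report's signatures."""
    hits: Dict[str, List[str]] = {}

    def hit(sig: str, evidence: str) -> None:
        hits.setdefault(sig, []).append(evidence)

    sample_image = None           # image of the first process in the trace (the submitted sample)
    sample_pids = set()           # the sample and every process it spawned
    dropped = set()               # files written by those processes
    for line in trace.splitlines():
        if not line.strip():
            continue
        e = json.loads(line)
        kind, pid = e["ev"], e["pid"]
        if kind == "proc_create":
            if sample_image is None:
                sample_image, sample_pids = e["image"], {pid}
            elif e["ppid"] in sample_pids:
                sample_pids.add(pid)
            if e["image"].lower() in dropped:
                hit("Executes dropped EXE", e["image"])
            cmd = e["cmd"].lower()
            # Self-deletion via a cmd.exe child whose command line deletes the sample's own image.
            if e["image"].lower().endswith("\\cmd.exe") and "del " in cmd and sample_image.lower() in cmd:
                hit("Deletes itself", e["cmd"])
        elif kind == "file_create" and pid in sample_pids:
            dropped.add(e["path"].lower())
        elif kind == "image_load" and e["path"].lower() in dropped and e["path"].lower().endswith(".dll"):
            hit("Loads dropped DLL", e["path"])
        elif kind == "reg_read" and any(k in e["key"].lower() for k in LOCATION_KEYS):
            hit("Checks computer location settings", e["key"])
        elif kind == "reg_write" and RUN_KEY in e["key"].lower():
            hit("Adds Run key to start application", f'{e["key"]} = {e.get("data", "")}')
        elif kind == "file_delete" and sample_image and e["path"].lower() == sample_image.lower():
            hit("Deletes itself", e["path"])
    return hits


def attack_techniques(hits: Dict[str, List[str]]) -> List[str]:
    """Map triggered signatures to the ATT&CK technique IDs listed in ATTACK."""
    return sorted({ATTACK[s] for s in hits if s in ATTACK})


if __name__ == "__main__":
    found = analyse(TRACE)
    for sig, ev in found.items():
        print(f"{sig}: {ev}")
    print("ATT&CK:", attack_techniques(found))
```

The dropped-file logic keys on what the sample's own process tree wrote, so an EXE that already existed on the host is not reported as "dropped"; the self-deletion rule fires twice here (once on the cmd.exe command line, once on the actual file_delete), which is deliberate, since either event alone is enough for the verdict.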

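The "UPX packed file" signature is a static check, and the phrase "UPX/modified UPX" matters: the section names UPX0/UPX1 and the "UPX!" marker that stock UPX leaves in the file are trivial to rename or patch out, so a robust check also looks at the layout a UPX stub needs (an empty first section with a large virtual size that the stub unpacks into, followed by a high-entropy section holding the compressed image). The following added example, not part of the report and not Triage's signature code, parses the PE section table and applies all three checks. The three PE images it runs on are constructed in-process by a helper that writes just enough header to be parsed; they are not loadable executables, and the sha256-chain filler only stands in for compressed code.

```python
import hashlib
import math
import struct
from typing import Dict, List, Tuple

SECTION_HDR = struct.Struct("<8sIIIIIIHHI")   # IMAGE_SECTION_HEADER, 40 bytes
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}
HIGH_ENTROPY = 7.0                              # bits/byte; compressed code usually sits near 8


def shannon_entropy(data: bytes) -> float:
    """Byte-wise Shannon entropy in bits per byte (0.0 .. 8.0)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_sections(pe: bytes) -> List[Tuple[str, int, int, bytes]]:
    """Walk the PE headers and return (name, virtual_size, raw_size, raw_bytes) for each section."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]
    table = coff + 20 + opt_size
    sections = []
    for i in range(num_sections):
        name, vsize, _vaddr, rsize, rptr, *_ = SECTION_HDR.unpack_from(pe, table + 40 * i)
        sections.append((name.rstrip(b"\0").decode("latin-1"), vsize, rsize, pe[rptr:rptr + rsize]))
    return sections


def detect_upx(pe: bytes) -> Dict[str, object]:
    """Flag UPX-style packing from section names, the 'UPX!' marker, and the packed-layout heuristic."""
    sections = parse_sections(pe)
    upx_names = [s[0] for s in sections if s[0] in UPX_SECTION_NAMES]
    has_magic = b"UPX!" in pe                       # stock UPX leaves this; a modified build may not
    # UPX0 is the empty destination the stub decompresses into: zero raw size, large virtual size.
    hollow_first = bool(sections) and sections[0][2] == 0 and sections[0][1] > 0
    high_entropy = [n for n, _, rsize, raw in sections if rsize and shannon_entropy(raw) >= HIGH_ENTROPY]
    verdict = bool(upx_names) or has_magic or (hollow_first and bool(high_entropy))
    return {"verdict": verdict, "upx_sections": upx_names, "has_magic": has_magic,
            "hollow_first_section": hollow_first, "high_entropy_sections": high_entropy}


def build_pe(sections: List[Tuple[bytes, int, bytes]]) -> bytes:
    """Constructed minimal PE32 image for exercising the parser: DOS header, PE signature, COFF header,
    zeroed optional header, section table and raw section data. Not a loadable executable."""
    file_align, opt_size = 0x200, 0xE0
    hdr_len = 0x40 + 4 + 20 + opt_size + 40 * len(sections)
    cursor = -(-hdr_len // file_align) * file_align          # first raw-data offset, file-aligned
    table, blobs, vaddr = b"", b"", 0x1000
    for name, vsize, raw in sections:
        rptr = cursor if raw else 0
        table += SECTION_HDR.pack(name.ljust(8, b"\0"), vsize, vaddr, len(raw), rptr, 0, 0, 0, 0, 0x60000020)
        padded = raw + b"\0" * (-len(raw) % file_align)
        blobs += padded
        cursor += len(padded)
        vaddr += -(-max(vsize, len(raw)) // 0x1000) * 0x1000
    hdr = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40) + b"PE\0\0"
    hdr += struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x0102)
    hdr += struct.pack("<H", 0x10B) + b"\0" * (opt_size - 2) + table
    return hdr + b"\0" * (-len(hdr) % file_align) + blobs


def _filler(n: int) -> bytes:
    """Deterministic high-entropy bytes standing in for compressed code (constructed, not real UPX output)."""
    return b"".join(hashlib.sha256(i.to_bytes(4, "little")).digest() for i in range(-(-n // 32)))[:n]


# Constructed samples: stock UPX layout, a renamed and marker-stripped "modified UPX" layout, and a plain binary.
PACKED_SAMPLE = build_pe([(b"UPX0", 0x8000, b""),
                          (b"UPX1", 0x3000, b"UPX!" + _filler(0x2000)),
                          (b".rsrc", 0x1000, b"\0" * 0x400)])
RENAMED_SAMPLE = build_pe([(b".text", 0x8000, b""),
                           (b".data", 0x3000, _filler(0x2000)),
                           (b".rsrc", 0x1000, b"\0" * 0x400)])
PLAIN_SAMPLE = build_pe([(b".text", 0x2000, b"\x55\x8b\xec\x83\xec\x10" * 0x200 + b"\xcc" * 0x100),
                         (b".data", 0x1000, b"\0" * 0x300)])

if __name__ == "__main__":
    for label, pe in ("stock UPX", PACKED_SAMPLE), ("modified UPX", RENAMED_SAMPLE), ("plain", PLAIN_SAMPLE):
        print(label, detect_upx(pe))
```

The renamed sample is the case the signature's "modified UPX" wording covers: neither the section names nor the marker survive, but the hollow first section plus a near-8-bit-per-byte second section still gives the verdict. Run the check on the real 59KB sample only after confirming its SHA-256 against the value in the General section above.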
MITRE ATT&CK Enterprise v15

Tasks