General

  • Target

    ddfb2b2f0ffe07a75970b6a10ac92448a8d99ec239dc7e77f081be31b21a59f4

  • Size

    232KB

  • Sample

    241114-dx183axncr

  • MD5

    94d0de9bb95fc9fee2dadf26aea0713d

  • SHA1

    299c93833b7419c9d3c2303e1954ec5e3627b88a

  • SHA256

    ddfb2b2f0ffe07a75970b6a10ac92448a8d99ec239dc7e77f081be31b21a59f4

  • SHA512

    045e556097a9a4236e4f94f5c6219e6abbc6bbdfd8ab84c250a4291adef12e95de41856db26e8443946051ecea9c412536e0da42997e4bcf0e9d01e9be5f8764

  • SSDEEP

    3072:qI1i/NU8bOMYcYYcmy5cU+gTn6HOjDhWrzvvQwlgO5s1i/NU82OMYcYYamv5b:5i/NjO5YBgegD0PHzSni/N+O7

Malware Config

Targets

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    • Hide Artifacts: Hidden Files and Directories

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks