General

  • Target

    fc8d24c71ef20834b97c25f02b008490fbc3f22236f0514c01dc79f85c890c18

  • Size

    17KB

  • Sample

    241114-e9b1dayjgj

  • MD5

    d47f549e57a4ec09254523ffdea98829

  • SHA1

    cb3da86dac94b851afd681ee3fb3ce6326649974

  • SHA256

    fc8d24c71ef20834b97c25f02b008490fbc3f22236f0514c01dc79f85c890c18

  • SHA512

    7656b8897ebb8b837d73d3011bc9f2fc0c7e072763a407ca523780a1cabaa6b0f53d952ed4006843b2db117bb5dd0d8deacaf5d9856641e0f3063ceda2c84812

  • SSDEEP

    384:IO3qdXlIQV0YXd45xuYiMcRWnPbeVGWLogrrrrm:IO3EVdV0YXd4DuicNV3lrrrrm

Targets

    • Sets file to hidden

      Modifies file attributes so that the file does not show in Explorer and similar tools.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
