General

  • Target

    db47ced867627bcb18f02c7f6f8b8fd2f417ead207f8198e694de4cc332b90cbN.exe

  • Size

    39KB

  • Sample

    241114-fvkjmsyldr

  • MD5

    6ad3fc86c0af70fa0155961908e8a850

  • SHA1

    52b65ee068613b5105de9ef02f0dbaed6b92aea1

  • SHA256

    db47ced867627bcb18f02c7f6f8b8fd2f417ead207f8198e694de4cc332b90cb

  • SHA512

    368a58af690e18a86d6aeb3fb765a20e024f30f9c881edc295558794f11e484e71344ee8d34658db42316c8328ad86b8594f4623f6e59392793d94b2bd9580a1

  • SSDEEP

    768:CFXEI+ZO96Muj5cDcXsDo5XnbcuyD7UWX4KEPm0dIC4+9uym/EVerqEqndAUlk3D:wz99WFcwhBnouy8WIKEu0dX4j2dAckD

Malware Config

Targets

    • Target

      db47ced867627bcb18f02c7f6f8b8fd2f417ead207f8198e694de4cc332b90cbN.exe

    • Size

      39KB

    • MD5

      6ad3fc86c0af70fa0155961908e8a850

    • SHA1

      52b65ee068613b5105de9ef02f0dbaed6b92aea1

    • SHA256

      db47ced867627bcb18f02c7f6f8b8fd2f417ead207f8198e694de4cc332b90cb

    • SHA512

      368a58af690e18a86d6aeb3fb765a20e024f30f9c881edc295558794f11e484e71344ee8d34658db42316c8328ad86b8594f4623f6e59392793d94b2bd9580a1

    • SSDEEP

      768:CFXEI+ZO96Muj5cDcXsDo5XnbcuyD7UWX4KEPm0dIC4+9uym/EVerqEqndAUlk3D:wz99WFcwhBnouy8WIKEu0dX4j2dAckD

    • Checks computer location settings

      Looks up the country code configured in the registry; most likely a geofence check that makes the sample refuse to run in certain countries.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified build of it.

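The "UPX packed file" signature above fires on the packer's characteristic PE layout. As an added example (not the sandbox's own rule), the code below parses the PE section table without third-party libraries and flags UPX either by section name or by the layout UPX leaves behind: an empty first section with a large virtual size (the unpack target) followed by a dense, high-entropy second section, which still catches builds where the `UPX0`/`UPX1` names were overwritten. The PE images are constructed in memory; the 7.0 entropy threshold is an assumption chosen for the example.

```python
"""Minimal PE section-table parser plus a UPX packing heuristic.
Added example; the sample PE images are constructed inline, not the report's file."""
import math
import struct


def shannon_entropy(data):
    """Bits of entropy per byte (0.0 for empty input, 8.0 for uniform bytes)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def pe_sections(pe):
    """Return [(name, virtual_size, raw_size, raw_entropy), ...] from a PE image."""
    if pe[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    nsections = struct.unpack_from("<H", pe, coff + 2)[0]
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]
    table = coff + 20 + opt_size
    sections = []
    for i in range(nsections):
        off = table + 40 * i
        name = pe[off:off + 8].rstrip(b"\0").decode("latin-1")
        vsize, _vaddr, rawsize, rawptr = struct.unpack_from("<IIII", pe, off + 8)
        sections.append((name, vsize, rawsize, shannon_entropy(pe[rawptr:rawptr + rawsize])))
    return sections


def looks_upx_packed(pe, entropy_threshold=7.0):
    secs = pe_sections(pe)
    name_hit = any(name.upper().startswith("UPX") for name, *_ in secs)
    # UPX layout: section 0 has no raw data but reserves space for the unpacked
    # image; section 1 holds the compressed payload and the stub.
    layout_hit = (len(secs) >= 2
                  and secs[0][2] == 0 and secs[0][1] > 0
                  and secs[1][3] >= entropy_threshold)
    return name_hit or layout_hit


def build_pe(sections):
    """Construct a minimal PE image from [(name, virtual_size, raw_bytes), ...]."""
    header_len = 0x40 + 4 + 20 + 0xE0 + 40 * len(sections)
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0xE0, 0x102)
    headers, body, raw_ptr, vaddr = b"", b"", header_len, 0x1000
    for name, vsize, data in sections:
        headers += struct.pack("<8sIIII", name.encode(), vsize, vaddr,
                               len(data), raw_ptr if data else 0) + bytes(16)
        body += data
        raw_ptr += len(data)
        vaddr += max(vsize, 0x1000)
    return bytes(dos) + b"PE\0\0" + coff + bytes(0xE0) + headers + body


DENSE = bytes(range(256)) * 16          # uniform bytes: entropy exactly 8.0
SPARSE = b"\x90" * 0x200 + b"\xC3" * 0x200  # mostly NOPs: low entropy

UPX_PACKED = build_pe([("UPX0", 0x10000, b""), ("UPX1", 0x1000, DENSE), (".rsrc", 0x200, SPARSE)])
RENAMED_PACKED = build_pe([(".text", 0x10000, b""), (".data", 0x1000, DENSE)])
PLAIN = build_pe([(".text", 0x400, SPARSE), (".data", 0x100, b"\0" * 0x100)])

if __name__ == "__main__":
    for label, img in (("UPX_PACKED", UPX_PACKED), ("RENAMED_PACKED", RENAMED_PACKED), ("PLAIN", PLAIN)):
        print(label, looks_upx_packed(img), pe_sections(img))
```

Section names are trivially editable after packing, so the layout heuristic carries the detection weight; a real rule would add the UPX stub's byte patterns and the `UPX!` marker that the packer writes into the header area.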
MITRE ATT&CK Enterprise v15

Tasks