General

  • Target

    ca9ebfff0edd9a3a4298b693e2581f18b7f9780ffdcdc1f4e9cf8eae4d72849b

  • Size

    68KB

  • Sample

    241117-k8n67swkbt

  • MD5

    bedd2856308076dd8f81974346f60ef3

  • SHA1

    f13cb021b11bc007bf93af937ffe84ca4018acf5

  • SHA256

    ca9ebfff0edd9a3a4298b693e2581f18b7f9780ffdcdc1f4e9cf8eae4d72849b

  • SHA512

    ebc8f015cdc8ee30f38a7ef3f6e167b9b6b48d8f0bad70e7b6fd2b6a9f88724e356599e6a37f26b9af5a1d94edb0a9251f01b8b0f79e88847861d1efe5faa924

  • SSDEEP

    768:8m2HWaXqAJplmRPEW1PiGz96XyX9TdtldE9xKdb:8m0wANm5EW17zgyXVdtnPdb

Malware Config

Targets

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15
