General

  • Target

    990b179a9412a4abce08092db4d84dd28d4c4bdf749c1910ce014ea0756ebb08.exe

  • Size

    97KB

  • Sample

    241117-kw42wszrdk

  • MD5

    af505b34174f21b3fa759088a4d94759

  • SHA1

    c6cbaff457e13e8611730f69310758cfe5364d42

  • SHA256

    990b179a9412a4abce08092db4d84dd28d4c4bdf749c1910ce014ea0756ebb08

  • SHA512

    70f7dd27022d042f67ef18a74a9f5d23937410febb8d91c8b26bbb5ac8daa60e7c8ddac42b304f0a644daf6399c3da884642ce6029f41107c15675ed2b4f5da8

  • SSDEEP

    1536:p7u6cOLK7hNIMLrCiS4xUfXM3xvuoSB5qEftLhSnWQD+hpX71qCi7f:1eOLK7hNIMLrCiS4+PwRjY5xhEAXQC+

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
