General

  • Target

    d0aabe49457f3d3e17f1fed2f89883fe9ff9c0d17f2aa44d97da808605d59b6b

  • Size

    55KB

  • Sample

    241117-ld5q5s1lhq

  • MD5

    4e290d40b07d11996dcaa1a9bcc8a626

  • SHA1

    41a2baeeb10f733326c09ff12ef01d801d2b0f81

  • SHA256

    d0aabe49457f3d3e17f1fed2f89883fe9ff9c0d17f2aa44d97da808605d59b6b

  • SHA512

    778312bfc9ecabac589c010857c16bca60f3bedde8f796447e18ba2e21536f01d696aa12738950017ddf7f32dcf0e41acc193174081c85aef34651734e8fa174

  • SSDEEP

    1536:bhBZ1b9c409y1G1i35Bo01i/gcU8eVTOK/YqjYYamvbtb:rZl2zoxV1i/NU82OMYcYYamv5b

Malware Config

Targets

    • Target

      d0aabe49457f3d3e17f1fed2f89883fe9ff9c0d17f2aa44d97da808605d59b6b

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops file in System32 directory

    • Hide Artifacts: Hidden Files and Directories

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks