General

  • Target

    bc0f794d146c462695e2cc70bf32670a5b24ac77e261d32c837904818804da63N.exe

  • Size

    32KB

  • Sample

    241117-lshvxswnez

  • MD5

    6b92bb1663a14f44341c8b6352818f70

  • SHA1

    40694aa0634ac6cc16461a7ecbebb0726fac0798

  • SHA256

    bc0f794d146c462695e2cc70bf32670a5b24ac77e261d32c837904818804da63

  • SHA512

    6990d65fd6765e09183edf9bd2417cd2c64437980e71103d550df067c08b581a6e6b97bc1c82afd4e82f40769689daeaa51df3e7f18f7d1cc1cb34f6fe7a287a

  • SSDEEP

    768:mfahIdmVIBW+HvrxxxxxxxxxxxxxxBx15oB19mPHXRHrMWNCSGcdH8zevc:myhIdmVIBW+PQB19CR55+Cvc

Malware Config

Targets

    • Target

      bc0f794d146c462695e2cc70bf32670a5b24ac77e261d32c837904818804da63N.exe

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks