General

  • Target

    031850efc4a1521bbaf2183076237d752ddf0fcee8b8f618f9860469de506b58.exe

  • Size

    140KB

  • Sample

    241117-q3x5ta1fpl

  • MD5

    850a54c1c4fde385fdb1adc8e2325ae3

  • SHA1

    a3a4c599b8814c9448e6e5135f2d88057ddb993f

  • SHA256

    031850efc4a1521bbaf2183076237d752ddf0fcee8b8f618f9860469de506b58

  • SHA512

    4a0c8e4e1f639008f4ad5572052383f9c7ed0508e7b7b2991ec407f69ff7f642e41ce3c945025492b864d874b581e774f98fbc4138210dbb96d8b861ff3ef05f

  • SSDEEP

    3072:wair33vu3XuIcN6/xbccM3hEL8fyUha5fJidcv:waW/uuIcNmLX8dhaRJidW

Malware Config

Targets

    • Target

      031850efc4a1521bbaf2183076237d752ddf0fcee8b8f618f9860469de506b58.exe

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks