General
-
Target
0001c32d4f5b7798d92913a6f0f0455ff4bb01b0af1df015bee8735be017ce4a.exe
-
Size
84KB
-
Sample
241119-phqdsswgnp
-
MD5
07c15bd2d499b5a79d6aa3f356f15b09
-
SHA1
3e7836257187c7e639a35a44abe48daa4007ff92
-
SHA256
0001c32d4f5b7798d92913a6f0f0455ff4bb01b0af1df015bee8735be017ce4a
-
SHA512
7fd2e08eabfb22d9d43973d92f5c7bd231144cdfd44cfb67a9b6aa2cd3f504588c9e570b3f22c95093fca0da9c25d80fb8dafd8e1fec1d5fee2682456c890f00
-
SSDEEP
1536:Is9dgsb16Lti8n42APNR2dcScLcPcxeTanuUHWOIs3xxNMq39gk34iSf0:MP4PNEdcScLcPcfnuo0X0
Static task
static1
Behavioral task
behavioral1
Sample
0001c32d4f5b7798d92913a6f0f0455ff4bb01b0af1df015bee8735be017ce4a.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
0001c32d4f5b7798d92913a6f0f0455ff4bb01b0af1df015bee8735be017ce4a.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
0001c32d4f5b7798d92913a6f0f0455ff4bb01b0af1df015bee8735be017ce4a.exe
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2