General
-
Target
2d7c2eadeff9fcb6a0ba8f497c24bcecbee72a281a18ea4c9bc7ab52519c04b3.exe
-
Size
156KB
-
Sample
241119-rdh52awhpb
-
MD5
1e366e36c80cba426cffcc2836713681
-
SHA1
b045181fc509aedc6e6c7b59b2138cf217aae4cf
-
SHA256
2d7c2eadeff9fcb6a0ba8f497c24bcecbee72a281a18ea4c9bc7ab52519c04b3
-
SHA512
d985ae1c4902be9a25727e1c15e6bd087dd02ab83cb9663b580d18807e7dd2d1f816399c4a2f12df01b2552d15c6e86c8f79e0d2dcd4d550e92c508273662617
-
SSDEEP
3072:QBd1iE2MtU7Qv0w4ZRRQMMDwtIMCeFP4ANA4oQZiEbMc:SdcE2R7Qvb4tQTaCeFP4A+W/
Malware Config
Targets
-
-
Target
2d7c2eadeff9fcb6a0ba8f497c24bcecbee72a281a18ea4c9bc7ab52519c04b3.exe
-
Size
156KB
-
MD5
1e366e36c80cba426cffcc2836713681
-
SHA1
b045181fc509aedc6e6c7b59b2138cf217aae4cf
-
SHA256
2d7c2eadeff9fcb6a0ba8f497c24bcecbee72a281a18ea4c9bc7ab52519c04b3
-
SHA512
d985ae1c4902be9a25727e1c15e6bd087dd02ab83cb9663b580d18807e7dd2d1f816399c4a2f12df01b2552d15c6e86c8f79e0d2dcd4d550e92c508273662617
-
SSDEEP
3072:QBd1iE2MtU7Qv0w4ZRRQMMDwtIMCeFP4ANA4oQZiEbMc:SdcE2R7Qvb4tQTaCeFP4A+W/
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2