General
-
Target
3bb158a09f8802684e28a1c5d773206eeb3ab765a90f62e76923f893a0194b5c
-
Size
52KB
-
Sample
241120-1zfrgaveqn
-
MD5
5fc762d1639d29a0e178bb3cfde372b1
-
SHA1
410464cf4d6f949bd9d078330f03ee1b0e5e66c8
-
SHA256
3bb158a09f8802684e28a1c5d773206eeb3ab765a90f62e76923f893a0194b5c
-
SHA512
263cf91901c4d4f2ed27c0b90b36065b57800f35b0bff6a35b29d650c6028fa87ea95b7ac6b174176a13de0137f7c0bf35f748363043cfc3656143cd57269c52
-
SSDEEP
768:o5j3df8ZRvmDVWl8zHPHXyXHCzcHHvzQBdi9vcIVSEFFoHa0ZKT:o5OROVWl4vUv4WvcsFFoHxIT
Static task
static1
Behavioral task
behavioral1
Sample
3bb158a09f8802684e28a1c5d773206eeb3ab765a90f62e76923f893a0194b5c.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3bb158a09f8802684e28a1c5d773206eeb3ab765a90f62e76923f893a0194b5c.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2