General
-
Target
8b995fc841b62a3e324a68f58c03b13beea0d64fa9c4742a74bd862f5f477e05.exe
-
Size
75KB
-
Sample
241120-w6qg2a1ald
-
MD5
e028c7a90bd94ea88e9f070030ad3b98
-
SHA1
db25c77adab60b51861b961772987b781ba374f3
-
SHA256
8b995fc841b62a3e324a68f58c03b13beea0d64fa9c4742a74bd862f5f477e05
-
SHA512
3d38d4b04b011d9bb134353de3c603579966fd5c0ad40481de3f2566543b41b1c120c1b9d5ad391b533b140eb96a972e43a46f5bb4ab75bb16c66fafeed2b14b
-
SSDEEP
1536:F4Qp441sjPEutHwHiHoHV/NBbgzrqNldFCnDNlN1t7gqi:+Qa4Yc/NBbgzrqNldFCnDNlN1Pi
Malware Config
Targets
-
-
Target
8b995fc841b62a3e324a68f58c03b13beea0d64fa9c4742a74bd862f5f477e05.exe
-
Size
75KB
-
MD5
e028c7a90bd94ea88e9f070030ad3b98
-
SHA1
db25c77adab60b51861b961772987b781ba374f3
-
SHA256
8b995fc841b62a3e324a68f58c03b13beea0d64fa9c4742a74bd862f5f477e05
-
SHA512
3d38d4b04b011d9bb134353de3c603579966fd5c0ad40481de3f2566543b41b1c120c1b9d5ad391b533b140eb96a972e43a46f5bb4ab75bb16c66fafeed2b14b
-
SSDEEP
1536:F4Qp441sjPEutHwHiHoHV/NBbgzrqNldFCnDNlN1t7gqi:+Qa4Yc/NBbgzrqNldFCnDNlN1Pi
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2