General

  • Target

    01dd2184eb71969187a3291afe9c59e93c3c9b9a97a8416e33ed7660c1a62605

  • Size

    87KB

  • Sample

    241120-xv6kjssdkp

  • MD5

    debe698c3b33ab7a6c2081e6545249c2

  • SHA1

    257377217fabf3778cb267cd8a744da0b7e76b96

  • SHA256

    01dd2184eb71969187a3291afe9c59e93c3c9b9a97a8416e33ed7660c1a62605

  • SHA512

    dfac6ef6ed14693281319fd67d2b20479a1d081914c17caf08cc519ad04b2868c42fbeab062d1863b3df21c9da6201f6dfd051c1dc4e3a006ed4c9eb19bf0e2d

  • SSDEEP

    1536:1a3+ddygX7y9v7Z+NoykJHBOAFRfBjG3ldoIH:08dfX7y9DZ+N7eB+IIH

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks