General
-
Target
66e2b18e119fb60c4af0528bc99da26a38b17608ce0a13e8894adffa2fe6c112.exe
-
Size
288KB
-
Sample
241120-yghr1asfnk
-
MD5
bdebfc30bcdc2221677d948e96b0c572
-
SHA1
bca24627e8b3cc94761ea814d715331634815b50
-
SHA256
66e2b18e119fb60c4af0528bc99da26a38b17608ce0a13e8894adffa2fe6c112
-
SHA512
8bafa608bfd437a23cbe98fa113ebe466308b049730f07a3d7a951845b7428e0ddd5c9908773f05b2d6a44f8a21264cec29277a31e796c4b289580e992b8b612
-
SSDEEP
1536:Mop0Mph3CUcIrwpHrF1h8JAgSXq/fiTvlATmeX4Z4R4H4i4/o9FKs0z2xoetEPnV:xXpcIcz1+pucz9/tBH3H3eA
Static task
static1
Behavioral task
behavioral1
Sample
66e2b18e119fb60c4af0528bc99da26a38b17608ce0a13e8894adffa2fe6c112.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
66e2b18e119fb60c4af0528bc99da26a38b17608ce0a13e8894adffa2fe6c112.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 2