General

  • Target

    cff19385f9abc2d4c672c64c94ae4ebea2dd74e5abd17464f08809d3aebe6317.exe

  • Size

    368KB

  • Sample

    241120-zwjhhssgqb

  • MD5

    e0e79354e6b6234d87efdbf52c232657

  • SHA1

    b4f62408f5e143cb8a2d82cfdbc6b7d4021a5580

  • SHA256

    cff19385f9abc2d4c672c64c94ae4ebea2dd74e5abd17464f08809d3aebe6317

  • SHA512

    e9bfc75304e7f962f7ccacd46878b58a72782bc73a7d8960edf1dbfc129033206f3abae7f9331bd9fb428213caa4e343aabd6e7b195e992dbe6f4257fd3f918a

  • SSDEEP

    1536:s0PkF42Z/Hmkiw+667MIBf28zPJtC6IoD/QWgxektFAo11Sq:TPA42mLf2RxIfq

Malware Config

Targets

    • Target

      cff19385f9abc2d4c672c64c94ae4ebea2dd74e5abd17464f08809d3aebe6317.exe

    • Size

      368KB

    • MD5

      e0e79354e6b6234d87efdbf52c232657

    • SHA1

      b4f62408f5e143cb8a2d82cfdbc6b7d4021a5580

    • SHA256

      cff19385f9abc2d4c672c64c94ae4ebea2dd74e5abd17464f08809d3aebe6317

    • SHA512

      e9bfc75304e7f962f7ccacd46878b58a72782bc73a7d8960edf1dbfc129033206f3abae7f9331bd9fb428213caa4e343aabd6e7b195e992dbe6f4257fd3f918a

    • SSDEEP

      1536:s0PkF42Z/Hmkiw+667MIBf28zPJtC6IoD/QWgxektFAo11Sq:TPA42mLf2RxIfq

    • Modifies visiblity of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks