General

  • Target

    24f066d9e9ab486f3287f36793869289dd461d5c3b1e229034a9b77fd9edf880

  • Size

    204KB

  • Sample

    241120-zzgs4atgnk

  • MD5

    d5cf9f9aba4bbf387c22c9f25b267294

  • SHA1

    ad7e76eb794cb45bda8d8ff3c35299342844af5c

  • SHA256

    24f066d9e9ab486f3287f36793869289dd461d5c3b1e229034a9b77fd9edf880

  • SHA512

    524f29e9c3762b1ece14980465e29a5122a79f25048a08ddd58420cf2b4fc0a6e161323e1a3660eb3011c3a194ab23a733af59da2f131d75494b63cba8834e1e

  • SSDEEP

    3072:amlW8p0tQ9nLHbB9W0c1TqECzR/mkSYGrl9ymgYUWqvB:V0O4QxL7B9W0c1RCzR/fSmlXB

Malware Config

Targets

    • Target

      24f066d9e9ab486f3287f36793869289dd461d5c3b1e229034a9b77fd9edf880

    • Size

      204KB

    • MD5

      d5cf9f9aba4bbf387c22c9f25b267294

    • SHA1

      ad7e76eb794cb45bda8d8ff3c35299342844af5c

    • SHA256

      24f066d9e9ab486f3287f36793869289dd461d5c3b1e229034a9b77fd9edf880

    • SHA512

      524f29e9c3762b1ece14980465e29a5122a79f25048a08ddd58420cf2b4fc0a6e161323e1a3660eb3011c3a194ab23a733af59da2f131d75494b63cba8834e1e

    • SSDEEP

      3072:amlW8p0tQ9nLHbB9W0c1TqECzR/mkSYGrl9ymgYUWqvB:V0O4QxL7B9W0c1RCzR/fSmlXB

    • Modifies visiblity of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks