General
Target: 2f55fc03f2d2b24ef7a91e1735d53476e78e425f68b6389abb61324fe07ad3c7.exe
Size: 168KB
Sample: 241121-a2a1ws1phm
MD5: 1e51f1490f447692da67d1518074b07a
SHA1: 6f5072d0895787fa676369695c256ee5e08bb1d7
SHA256: 2f55fc03f2d2b24ef7a91e1735d53476e78e425f68b6389abb61324fe07ad3c7
SHA512: 708bb5ce72376e35ea2617ce582f1d850b5c1d02e8da0cbce22ed606717d74fedb567ddad0d0a30c01fc87b69248d4281677d80a123fde72c53a10609ef727cb
SSDEEP: 1536:2yP6gbdc30f8kX8PsHy244nDUnBC2U6ge:V6gbdcEf8kX8PsHy244nDUnBC28e
Static task: static1
Behavioral task: behavioral1
Sample: 2f55fc03f2d2b24ef7a91e1735d53476e78e425f68b6389abb61324fe07ad3c7.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2f55fc03f2d2b24ef7a91e1735d53476e78e425f68b6389abb61324fe07ad3c7.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)