General
-
Target
74d3fc2a95eec72b17cf436a1f9d5ffc42727a8190db21cfea76cfd8b92a4243
-
Size
52KB
-
Sample
241121-ame2aswene
-
MD5
45d202dd76b10bca0c5af7b100d0395f
-
SHA1
3884896881c640f35cf44c25573d2fe58fff93e2
-
SHA256
74d3fc2a95eec72b17cf436a1f9d5ffc42727a8190db21cfea76cfd8b92a4243
-
SHA512
ce77bf32f5fcf992298fa69e31f350b531c4d3b6a997d2a4c3fb418d77532b1ea9d9f84c14241ea4fe7969460e5eef126b1f88a1bdaf5f23cf3907fc20a0cfb4
-
SSDEEP
768:CXj3df4ZEux3A/NX3jDVWl8zHPHXyXHCzcHHvzQBdi9vcIVSEFFoHa0ZKT:CXCEu+VnVWl4vUv4WvcsFFoHxIT
Malware Config
Targets
-
-
Target
74d3fc2a95eec72b17cf436a1f9d5ffc42727a8190db21cfea76cfd8b92a4243
-
Size
52KB
-
MD5
45d202dd76b10bca0c5af7b100d0395f
-
SHA1
3884896881c640f35cf44c25573d2fe58fff93e2
-
SHA256
74d3fc2a95eec72b17cf436a1f9d5ffc42727a8190db21cfea76cfd8b92a4243
-
SHA512
ce77bf32f5fcf992298fa69e31f350b531c4d3b6a997d2a4c3fb418d77532b1ea9d9f84c14241ea4fe7969460e5eef126b1f88a1bdaf5f23cf3907fc20a0cfb4
-
SSDEEP
768:CXj3df4ZEux3A/NX3jDVWl8zHPHXyXHCzcHHvzQBdi9vcIVSEFFoHa0ZKT:CXCEu+VnVWl4vUv4WvcsFFoHxIT
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2