General

  • Target

    fc563bf38932194e09aff7f6c5f19ec02ea89c5a7cb6bb31e34c96abd6e074fe

  • Size

    24.2MB

  • Sample

    241121-btc1ysybjr

  • MD5

    43f04fe37d57c98d71eb42a344e5fced

  • SHA1

    f67806202d4260bb00e8f3851477bd37eb59f680

  • SHA256

    fc563bf38932194e09aff7f6c5f19ec02ea89c5a7cb6bb31e34c96abd6e074fe

  • SHA512

    da33a4ab6df478073c8c5bfb95770bcde6ac0eced377b5592450b37fa1b59a8d5246c139870ac7e6a7625e944f4ee3cebf3b4e32de5171212d70de30ef1652f5

  • SSDEEP

    196608:bk8oRvgMb5vryItxNGR4Sk/CHGif40aSab2XbHOlGaq5EkW/uiZG:b46Mb5vrfwR4STOebHOlGakWnG

Malware Config

Targets

    • Target

      fc563bf38932194e09aff7f6c5f19ec02ea89c5a7cb6bb31e34c96abd6e074fe

    • Size

      24.2MB

    • MD5

      43f04fe37d57c98d71eb42a344e5fced

    • SHA1

      f67806202d4260bb00e8f3851477bd37eb59f680

    • SHA256

      fc563bf38932194e09aff7f6c5f19ec02ea89c5a7cb6bb31e34c96abd6e074fe

    • SHA512

      da33a4ab6df478073c8c5bfb95770bcde6ac0eced377b5592450b37fa1b59a8d5246c139870ac7e6a7625e944f4ee3cebf3b4e32de5171212d70de30ef1652f5

    • SSDEEP

      196608:bk8oRvgMb5vryItxNGR4Sk/CHGif40aSab2XbHOlGaq5EkW/uiZG:b46Mb5vrfwR4STOebHOlGakWnG

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks