General
-
Target
b73851a896ad6ab227ab328c05f7d87110997a87c86e455427dba87addfdc6eb
-
Size
48KB
-
Sample
241121-gftpfayemb
-
MD5
0e4f25c408fcd0dcc7e4d3f05db57e7e
-
SHA1
373eeb5ba8be5a003f2b6648fdbf3852acde6838
-
SHA256
b73851a896ad6ab227ab328c05f7d87110997a87c86e455427dba87addfdc6eb
-
SHA512
42d2bf3c5329045840c32c1fc621fecf6c1ff1975fdf6f6042f788c3ec77fee738f0beefc61248d661a9d7ecc4a5b0319097a9d0fc9ffd5fd82347b6be7d3de9
-
SSDEEP
768:qVtN0XHONQwQeGTwK0NHXsH6bJCYhx8HV0kvcUwSuUCw3+MK:qVlN8HTwKqWAxcpvcqu74+J
Malware Config
Targets
-
-
Target
b73851a896ad6ab227ab328c05f7d87110997a87c86e455427dba87addfdc6eb
-
Size
48KB
-
MD5
0e4f25c408fcd0dcc7e4d3f05db57e7e
-
SHA1
373eeb5ba8be5a003f2b6648fdbf3852acde6838
-
SHA256
b73851a896ad6ab227ab328c05f7d87110997a87c86e455427dba87addfdc6eb
-
SHA512
42d2bf3c5329045840c32c1fc621fecf6c1ff1975fdf6f6042f788c3ec77fee738f0beefc61248d661a9d7ecc4a5b0319097a9d0fc9ffd5fd82347b6be7d3de9
-
SSDEEP
768:qVtN0XHONQwQeGTwK0NHXsH6bJCYhx8HV0kvcUwSuUCw3+MK:qVlN8HTwKqWAxcpvcqu74+J
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2