General
-
Target
d0bfed4c3a47cbb740ffb839f8a0ad1092ceb458678eba704a919309d828666e
-
Size
52KB
-
Sample
241121-knfpbsvmfj
-
MD5
42d54f984cbe46fdf9ce35eca6dfb205
-
SHA1
a67decfefbd6eaa2eab78cedd2a3b0d0fd41556b
-
SHA256
d0bfed4c3a47cbb740ffb839f8a0ad1092ceb458678eba704a919309d828666e
-
SHA512
e7f444ed638864fe59701a93d8c90ab5c84e0edbd0a976a1847462a8a51258f37e591ddbf0a0c21ce5377f2a7f06cfed3ff92fa1111db9fa1166ae6185d03581
-
SSDEEP
768:oRj3dfUZIyY8DVWl8zHPHXyXHCzcHHvzQBdi9vcIVSEFFoHa0ZKD:oRWIIVWl4vUv4WvcsFFoHxID
Static task
static1
Behavioral task
behavioral1
Sample
d0bfed4c3a47cbb740ffb839f8a0ad1092ceb458678eba704a919309d828666e.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d0bfed4c3a47cbb740ffb839f8a0ad1092ceb458678eba704a919309d828666e.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
d0bfed4c3a47cbb740ffb839f8a0ad1092ceb458678eba704a919309d828666e
Score 10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution 1
Registry Run Keys / Startup Folder 1
Defense Evasion
Hide Artifacts 1
Hidden Files and Directories 1
Modify Registry 2