General
-
Target
a9bcbf31557835114e4f3e0be46132385646609ff9826b4050952714e978f2f2.exe
-
Size
111KB
-
Sample
241121-lhs8xa1gkk
-
MD5
891ec2f65851d6ecec54ab9ba28f5f7f
-
SHA1
5484bd239b0abe01b71a53892f1dd7d839bdc53e
-
SHA256
a9bcbf31557835114e4f3e0be46132385646609ff9826b4050952714e978f2f2
-
SHA512
e467cdd3596049d8d5e225d00e1bf5441c847f839630ec2b994370b58a3c39fdaccedec281070750fde4534984ad9bf561ae4301a1ea78d8fe3f9ad8303df42f
-
SSDEEP
3072:V1EDc6Pgip4D4dMz4n4N4t4R4aEIIIIzcy:V1EDZ1xMdEIIIIzX
Malware Config
Targets
-
-
Target
a9bcbf31557835114e4f3e0be46132385646609ff9826b4050952714e978f2f2.exe
-
Size
111KB
-
MD5
891ec2f65851d6ecec54ab9ba28f5f7f
-
SHA1
5484bd239b0abe01b71a53892f1dd7d839bdc53e
-
SHA256
a9bcbf31557835114e4f3e0be46132385646609ff9826b4050952714e978f2f2
-
SHA512
e467cdd3596049d8d5e225d00e1bf5441c847f839630ec2b994370b58a3c39fdaccedec281070750fde4534984ad9bf561ae4301a1ea78d8fe3f9ad8303df42f
-
SSDEEP
3072:V1EDc6Pgip4D4dMz4n4N4t4R4aEIIIIzcy:V1EDZ1xMdEIIIIzX
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2