General
-
Target
e3dc5b2d20052b4658fa35f928c10d831ee05dc9218a85826b366f480adfd8bd
-
Size
88KB
-
Sample
241121-mmkyrssaqj
-
MD5
0a4200838f49f7dded2cedf9b79c07e4
-
SHA1
888ec3a613a70541f29179c0fd5cdf888b330461
-
SHA256
e3dc5b2d20052b4658fa35f928c10d831ee05dc9218a85826b366f480adfd8bd
-
SHA512
e1fd94f82cf623029cc1ed0435be97a427779cb8f16d6a183760518b6b0087980a39daacd76ee794a5e85cee95ccdc8b4cd2e3e16dc2577d15f57445bc4d0910
-
SSDEEP
768:6lXIk+U+KiMeffZzCjsK2+/T/PmLRBNV3ZJfqHJvE/AZbydR:6JIk+tVR5K2KjPmLRBNJqHJNZmdR
Malware Config
Targets
-
-
Target
e3dc5b2d20052b4658fa35f928c10d831ee05dc9218a85826b366f480adfd8bd
-
Size
88KB
-
MD5
0a4200838f49f7dded2cedf9b79c07e4
-
SHA1
888ec3a613a70541f29179c0fd5cdf888b330461
-
SHA256
e3dc5b2d20052b4658fa35f928c10d831ee05dc9218a85826b366f480adfd8bd
-
SHA512
e1fd94f82cf623029cc1ed0435be97a427779cb8f16d6a183760518b6b0087980a39daacd76ee794a5e85cee95ccdc8b4cd2e3e16dc2577d15f57445bc4d0910
-
SSDEEP
768:6lXIk+U+KiMeffZzCjsK2+/T/PmLRBNV3ZJfqHJvE/AZbydR:6JIk+tVR5K2KjPmLRBNJqHJNZmdR
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2