General
-
Target
ebeba6ca66f2de14808fce8857b8e2f5b4bdcf4537c032c97093e761d27ac4f3
-
Size
50KB
-
Sample
241121-nd39eswmap
-
MD5
97db809e825cee055d3e79a0bd937fff
-
SHA1
96b6e7fdf0c6dc32b8deb0711f888ee7bb0dbb06
-
SHA256
ebeba6ca66f2de14808fce8857b8e2f5b4bdcf4537c032c97093e761d27ac4f3
-
SHA512
87f9350f3533c05110e073ce21b1f6c85941ac91da3ea032198888f7be465285b404f78dc83e1e071ffa5808821674278226823f049f92d88596733ef19450f5
-
SSDEEP
1536:SxGPLTFI0GCfUQv+xhWylmBaqFsJC5F5BzXUnwzjx/u1bmtlokMfGXf:tPLRIQU+qhwFD
Malware Config
Targets
-
-
Target
ebeba6ca66f2de14808fce8857b8e2f5b4bdcf4537c032c97093e761d27ac4f3
-
Size
50KB
-
MD5
97db809e825cee055d3e79a0bd937fff
-
SHA1
96b6e7fdf0c6dc32b8deb0711f888ee7bb0dbb06
-
SHA256
ebeba6ca66f2de14808fce8857b8e2f5b4bdcf4537c032c97093e761d27ac4f3
-
SHA512
87f9350f3533c05110e073ce21b1f6c85941ac91da3ea032198888f7be465285b404f78dc83e1e071ffa5808821674278226823f049f92d88596733ef19450f5
-
SSDEEP
1536:SxGPLTFI0GCfUQv+xhWylmBaqFsJC5F5BzXUnwzjx/u1bmtlokMfGXf:tPLRIQU+qhwFD
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2