General
-
Target
922e5bdfe56cae648449750335a4bb01a5a8ae5b8bbb7d3289ec9427fc11b37f
-
Size
296KB
-
Sample
241122-cegk9s1rh1
-
MD5
4600f8268ca884c291b391dda25849d0
-
SHA1
dcff33757d2a54f381e6eb498a84dbcf540dc774
-
SHA256
922e5bdfe56cae648449750335a4bb01a5a8ae5b8bbb7d3289ec9427fc11b37f
-
SHA512
c3203ab728e96dfe8257bf60da608feae27e4ee55e5fb01df9c569a5b44868530b8485d1cf49aa0992b7de08b1993a1dba783230f5fb17df5fc2f25591a6bde2
-
SSDEEP
6144:uV5tdO1V0uKnvmb7/D26CVrBROjD8R4F0jI+UNc5ynagM/eSpbN1AyllZI4DS7Yq:untdO1V0uKnvmb7/D26lD8R4F0jI+UNN
Static task
static1
Behavioral task
behavioral1
Sample
922e5bdfe56cae648449750335a4bb01a5a8ae5b8bbb7d3289ec9427fc11b37f.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
922e5bdfe56cae648449750335a4bb01a5a8ae5b8bbb7d3289ec9427fc11b37f.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)