General
-
Target
da0e69d3282335937e7e3f882d324760130b1ef636eb302e28a234de81e2f6abN.exe
-
Size
88KB
-
Sample
241122-j88eeaxlfy
-
MD5
eb9ce45bdaab26380a0ad8e4cbb64d70
-
SHA1
43d4272f612d9ed6f75e451e820bf5c8797a3875
-
SHA256
da0e69d3282335937e7e3f882d324760130b1ef636eb302e28a234de81e2f6ab
-
SHA512
70ae04cc56ca3c1b634f1bff9cca11a4bfab9d6e2ecff49798ab80616e3a1f596e5b249dfb548217d680dae6425309dc6aa2d4433eb54b99fd804046183aa10f
-
SSDEEP
768:6lXIB+dyAnffZzCjsK2+/T/PmLRBNV3ZJfqHJvE/AZbyd:6JIQAER5K2KjPmLRBNJqHJNZmd
Malware Config
Targets
-
-
Target
da0e69d3282335937e7e3f882d324760130b1ef636eb302e28a234de81e2f6abN.exe
-
Size
88KB
-
MD5
eb9ce45bdaab26380a0ad8e4cbb64d70
-
SHA1
43d4272f612d9ed6f75e451e820bf5c8797a3875
-
SHA256
da0e69d3282335937e7e3f882d324760130b1ef636eb302e28a234de81e2f6ab
-
SHA512
70ae04cc56ca3c1b634f1bff9cca11a4bfab9d6e2ecff49798ab80616e3a1f596e5b249dfb548217d680dae6425309dc6aa2d4433eb54b99fd804046183aa10f
-
SSDEEP
768:6lXIB+dyAnffZzCjsK2+/T/PmLRBNV3ZJfqHJvE/AZbyd:6JIQAER5K2KjPmLRBNJqHJNZmd
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2