General
-
Target
d862746f084183bb16765decc21f0eea62c48ac96eed0f9364a8a9af3248db6d.exe
-
Size
232KB
-
Sample
241122-nr5peazmav
-
MD5
460a381c320cf3cdb78be1dac853c5f8
-
SHA1
1fcc3c325983e71dcc7e5805cd2c98c5158ba645
-
SHA256
d862746f084183bb16765decc21f0eea62c48ac96eed0f9364a8a9af3248db6d
-
SHA512
61c42397ac0b82c40b721b7b381b3a79aaaec11faab91757111b68768a140670c2f17cde8887324a7aad2895d486d9f154e681ac92902370a9cee80d65b9fbee
-
SSDEEP
6144:dU3PFKs78g2KyEOaWEqxF6snji81RUinKdNOb6:8Ph+mF7
Malware Config
Targets
-
-
Target
d862746f084183bb16765decc21f0eea62c48ac96eed0f9364a8a9af3248db6d.exe
-
Size
232KB
-
MD5
460a381c320cf3cdb78be1dac853c5f8
-
SHA1
1fcc3c325983e71dcc7e5805cd2c98c5158ba645
-
SHA256
d862746f084183bb16765decc21f0eea62c48ac96eed0f9364a8a9af3248db6d
-
SHA512
61c42397ac0b82c40b721b7b381b3a79aaaec11faab91757111b68768a140670c2f17cde8887324a7aad2895d486d9f154e681ac92902370a9cee80d65b9fbee
-
SSDEEP
6144:dU3PFKs78g2KyEOaWEqxF6snji81RUinKdNOb6:8Ph+mF7
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2