General
-
Target
c8bd5c946433784b72d8d63a588ebcc68799a25370c69f91e48aab9889a68dda.exe
-
Size
88KB
-
Sample
241122-ww3pls1pbn
-
MD5
5181195e5529775e9f4be4275635131d
-
SHA1
b54a201097d3f37fbcf5aa2a38a8b898d952d13c
-
SHA256
c8bd5c946433784b72d8d63a588ebcc68799a25370c69f91e48aab9889a68dda
-
SHA512
082146632ff1d73d8e9b2afefced552a2c44c4acf0dd351d2c3db5303b5362aa2db6840126c75d947322592a5a10cfb05d5fc7586a58ebcfd2e6901ac1aef35c
-
SSDEEP
1536:WxnFH+sKd/EsUzUVACD1LGLULKLdLaL7gW8ENVk4LyYaE:g5+7/EsUAtNVQVE
Malware Config
Targets
-
-
Target
c8bd5c946433784b72d8d63a588ebcc68799a25370c69f91e48aab9889a68dda.exe
-
Size
88KB
-
MD5
5181195e5529775e9f4be4275635131d
-
SHA1
b54a201097d3f37fbcf5aa2a38a8b898d952d13c
-
SHA256
c8bd5c946433784b72d8d63a588ebcc68799a25370c69f91e48aab9889a68dda
-
SHA512
082146632ff1d73d8e9b2afefced552a2c44c4acf0dd351d2c3db5303b5362aa2db6840126c75d947322592a5a10cfb05d5fc7586a58ebcfd2e6901ac1aef35c
-
SSDEEP
1536:WxnFH+sKd/EsUzUVACD1LGLULKLdLaL7gW8ENVk4LyYaE:g5+7/EsUAtNVQVE
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2