General
-
Target
de5a463ab460f8d517a678001b0532dfe1a9f40bf0de2a5c77d4631cb08b6304N.exe
-
Size
60KB
-
Sample
241122-xcdf2swlgw
-
MD5
cf254bd70e12a2268931fff43de470e0
-
SHA1
811c8dd65ec4f0d45a0d334a6dac1f9de4a3b634
-
SHA256
de5a463ab460f8d517a678001b0532dfe1a9f40bf0de2a5c77d4631cb08b6304
-
SHA512
7a173a8a7cf414ba28edb64fa8d88608e4dd39eca47caed3d378f04e49ee839aa7693be0c09c76a407758dc835a2cffdb7f7b9da5a88e032c24000d862132886
-
SSDEEP
1536:ysSH2LffjwHIG571Zpw25L0zF/w12T30S5z4+:gkffMHdZpw2dO/w12Tk3+
Malware Config
Targets
-
-
Target
de5a463ab460f8d517a678001b0532dfe1a9f40bf0de2a5c77d4631cb08b6304N.exe
-
Size
60KB
-
MD5
cf254bd70e12a2268931fff43de470e0
-
SHA1
811c8dd65ec4f0d45a0d334a6dac1f9de4a3b634
-
SHA256
de5a463ab460f8d517a678001b0532dfe1a9f40bf0de2a5c77d4631cb08b6304
-
SHA512
7a173a8a7cf414ba28edb64fa8d88608e4dd39eca47caed3d378f04e49ee839aa7693be0c09c76a407758dc835a2cffdb7f7b9da5a88e032c24000d862132886
-
SSDEEP
1536:ysSH2LffjwHIG571Zpw25L0zF/w12T30S5z4+:gkffMHdZpw2dO/w12Tk3+
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2