General
-
Target
3c1f80c99cb2d5d7a205df03a558e84b1666da2699d1cc19a8a137839bf1d4c0.exe
-
Size
32KB
-
Sample
241126-bv4v3atleq
-
MD5
efd052d91d10e709a6b6ab313d25b505
-
SHA1
5bf7f8e90d4a751a3dae3df9bf00d4dedaa84b24
-
SHA256
3c1f80c99cb2d5d7a205df03a558e84b1666da2699d1cc19a8a137839bf1d4c0
-
SHA512
1e49844708356d81cc03a1932004c7c667fc20f48cfbd55f2fa464726474763209612592be0f124958335c23d59cf9496837a2a0184b6bee7e9a8be97805c545
-
SSDEEP
768:BmahIdmVIBW+HvWa+z15oB19mPHXRHrMWNCSGcdH8zevcd:B3hIdmVIBW+P9B19CR55+Cvcd
Malware Config
Targets
-
-
Target
3c1f80c99cb2d5d7a205df03a558e84b1666da2699d1cc19a8a137839bf1d4c0.exe
-
Size
32KB
-
MD5
efd052d91d10e709a6b6ab313d25b505
-
SHA1
5bf7f8e90d4a751a3dae3df9bf00d4dedaa84b24
-
SHA256
3c1f80c99cb2d5d7a205df03a558e84b1666da2699d1cc19a8a137839bf1d4c0
-
SHA512
1e49844708356d81cc03a1932004c7c667fc20f48cfbd55f2fa464726474763209612592be0f124958335c23d59cf9496837a2a0184b6bee7e9a8be97805c545
-
SSDEEP
768:BmahIdmVIBW+HvWa+z15oB19mPHXRHrMWNCSGcdH8zevcd:B3hIdmVIBW+P9B19CR55+Cvcd
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2