General
-
Target
c94efa3dac9d5a32f94e0e3c65006c1557f24d94da1d60b817b39753d94c87a7N.exe
-
Size
2.1MB
-
Sample
241130-fz76havjaz
-
MD5
7df7fd9c447aa10d3675ba7a6bfefd30
-
SHA1
3ef3b6422701ade8fac899f9800fbf54b0efdfac
-
SHA256
c94efa3dac9d5a32f94e0e3c65006c1557f24d94da1d60b817b39753d94c87a7
-
SHA512
bf06650279a7063cd9793e3e03f814f9ab29535c10f62ac65ddf7400c704ec1bf577ac1e382af3efe5d8e24f0472a2cff1ad5856dbba3fbb8ff9b9ee11371243
-
SSDEEP
24576:R79hHoOJrXeLF4Q9GZPEREpsD4f/H49wFd1SNpxtAxHusOtkwI/+P5T5MSDb5Bhr:R7IOldQaDc4f1Fd1SLZDx5McBn/e0C3i
Malware Config
Targets
-
-
Target
c94efa3dac9d5a32f94e0e3c65006c1557f24d94da1d60b817b39753d94c87a7N.exe
-
Size
2.1MB
-
MD5
7df7fd9c447aa10d3675ba7a6bfefd30
-
SHA1
3ef3b6422701ade8fac899f9800fbf54b0efdfac
-
SHA256
c94efa3dac9d5a32f94e0e3c65006c1557f24d94da1d60b817b39753d94c87a7
-
SHA512
bf06650279a7063cd9793e3e03f814f9ab29535c10f62ac65ddf7400c704ec1bf577ac1e382af3efe5d8e24f0472a2cff1ad5856dbba3fbb8ff9b9ee11371243
-
SSDEEP
24576:R79hHoOJrXeLF4Q9GZPEREpsD4f/H49wFd1SNpxtAxHusOtkwI/+P5T5MSDb5Bhr:R7IOldQaDc4f1Fd1SLZDx5McBn/e0C3i
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1