General

  • Target

    Guide,5466861539.exe (executable)

  • Size

    37KB

  • Sample

    250519-tagh5sbl5z

  • MD5

    050681abc76f3addb8bde8e543d2046b

  • SHA1

    6783be87dd4439f5e5be36d1dc69ed9f16772c81

  • SHA256

    72ba5be45569ec32eb6c98c7211c9df3e9d73f0f611892ef533f591e39b18d68

  • SHA512

    4849fd3deb22e44a2f40d94751bf0b9850ed4fcf580e2f8ef89c634ff862dbf8e76cd4a0ac8ec76f2718e39b31b734e65ef7f26bca2883ddf05c9628e04a17c9

  • SSDEEP

    384:Gm9+4zIZecuHL9JymE3jA7JAi7Je4F2Q/MPUiNR48/VRxc7zjN9Mprxkq:GmE4zKecuHXym6jKTpooGUCiIVikprxf

Targets

    • Target

      Guide,5466861539.exe (executable)

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Sets desktop wallpaper using registry
