General
- Target: 5de55c68325c841463352b7e53b058a65e476579fa8cf7126b9dbc6fc4fddc92
- Size: 143KB
- Sample: 221221-mcq22aca92
- MD5: 193cbda4598fe61c69b538416fb78aa1
- SHA1: 7f8546a917732a4daf146b818fdb7c14b25df3ba
- SHA256: 5de55c68325c841463352b7e53b058a65e476579fa8cf7126b9dbc6fc4fddc92
- SHA512: 9e3cb60b519fb6f81b484048ab9e9b4ec78ef81f30c31807d28e18b8ac91a36e94d0c19e5e09082b1039cbcc4b6ece4189677168c97fe5a6da0fb395adc15e3b
- SSDEEP: 3072:MTb4+LoQHG9gh9hRgf2WGapffZY36ozdH6oz:ObFLo1aRg+gXZUz

Static task
- static1

Behavioral task
- behavioral1
  - Sample: 5de55c68325c841463352b7e53b058a65e476579fa8cf7126b9dbc6fc4fddc92.exe
  - Resource: win7-20220901-en

Behavioral task
- behavioral2
  - Sample: 5de55c68325c841463352b7e53b058a65e476579fa8cf7126b9dbc6fc4fddc92.exe
  - Resource: win10v2004-20220812-en

Malware Config
- (none extracted)

Targets
- Target: 5de55c68325c841463352b7e53b058a65e476579fa8cf7126b9dbc6fc4fddc92
- Size: 143KB
- MD5: 193cbda4598fe61c69b538416fb78aa1
- SHA1: 7f8546a917732a4daf146b818fdb7c14b25df3ba
- SHA256: 5de55c68325c841463352b7e53b058a65e476579fa8cf7126b9dbc6fc4fddc92
- SHA512: 9e3cb60b519fb6f81b484048ab9e9b4ec78ef81f30c31807d28e18b8ac91a36e94d0c19e5e09082b1039cbcc4b6ece4189677168c97fe5a6da0fb395adc15e3b
- SSDEEP: 3072:MTb4+LoQHG9gh9hRgf2WGapffZY36ozdH6oz:ObFLo1aRg+gXZUz

Score: 10/10
- Modifies WinLogon for persistence
- Disables RegEdit via registry modification
- Disables Task Manager via registry modification
- Executes dropped EXE
- Possible privilege escalation attempt
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Modifies file permissions
- Drops file in System32 directory