General
Target: f_0044e5.zip
Size: 3.4MB
Sample: 230830-ssf5nafe2s
MD5: 8c238cca4e2d6565b5f1a933b8836e52
SHA1: 091a21ce520b886031b31bc916b4a3c4eedd9b17
SHA256: 3c2ed1dae3265518701e694a1577b6406b9fb502cf2ba15c945e614242dbcfd6
SHA512: 244521149e859622fa67fab6e483653bc48e252b3737f210e149120ddcf7dd5731bd86d51a3e6e4889619cea3f0613cec1e70c69932c77f91a2e44466d6ff4a7
SSDEEP: 98304:nRLQe9Aj0QB89bcPkKRV5o2fzwzyHAXdAb5:nRMe9Aj0QOYTRA4GC
Static task: static1
Behavioral task: behavioral1 | Sample: f_0044e5.zip | Resource: win7-20230824-en
Behavioral task: behavioral2 | Sample: f_0044e5.zip | Resource: win10v2004-20230703-en
Behavioral task: behavioral3 | Sample: f_0044e5.zip | Resource: win7-20230712-en
Behavioral task: behavioral4 | Sample: f_0044e5.zip | Resource: win10v2004-20230703-en
Behavioral task: behavioral5 | Sample: IMG001.scr | Resource: win7-20230712-en
Behavioral task: behavioral6 | Sample: IMG001.scr | Resource: win10v2004-20230824-en
Malware Config
Targets

Target: f_0044e5.zip
Size: 3.4MB
MD5: 8c238cca4e2d6565b5f1a933b8836e52
SHA1: 091a21ce520b886031b31bc916b4a3c4eedd9b17
SHA256: 3c2ed1dae3265518701e694a1577b6406b9fb502cf2ba15c945e614242dbcfd6
SHA512: 244521149e859622fa67fab6e483653bc48e252b3737f210e149120ddcf7dd5731bd86d51a3e6e4889619cea3f0613cec1e70c69932c77f91a2e44466d6ff4a7
SSDEEP: 98304:nRLQe9Aj0QB89bcPkKRV5o2fzwzyHAXdAb5:nRMe9Aj0QOYTRA4GC
Score: 1/10

Target: f_0044e5
Size: 3.4MB
MD5: c3c561c20e48169f4906c6b0b135984b
SHA1: aae73c86309c9198e8cc794f5dd3b1899f61e60d
SHA256: b914abc696286a639a847d2e3a4a36ff682f30a87b08c4ffc61f2e0cf5e7ec5f
SHA512: 2cf8e28faedb11009196510b00e82b682474edaf637019bdd6164b08ebbec39e6ef6cfcfbdfc1baa18bef3fb799bf5f90a2ce4ce8edac52d34af6f1013c96653
SSDEEP: 98304:SyrPvG3UNpYqQLpXhHHeanDebmPL+okjWa1luc:SyrPO3UDsdXp+z8+FWy7
Score: 1/10

Target: IMG001.scr
Size: 3.4MB
MD5: fbbcf1e9501234d6661a0c9ae6dc01c9
SHA1: 1ca9759a324159f331e79ea6871ad62040521b41
SHA256: d9901b16a93aad709947524379d572a7a7bf8e2741e27a1112c95977d4a6ea8c
SHA512: 027e5ea6d92955b87439f61704de5b3e21c7a8e0a95327868951968e4f5cbed59cf1e803ac9adb2c9cf577db7a2f6fd4383b7384d57a78596cfb2ff020907140
SSDEEP: 98304:M5VPnq1y5tQOM33ZNqCtBixHl54Oyjes1Ro6:2VPq1yLanrqTr43eON
Score: 7/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops startup file
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Scheduled Task/Job (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Scheduled Task/Job (1)