General
-
Target
be5f9409745c8c3853f3c320a1327960_exe32.exe
-
Size
210KB
-
Sample
231015-yf2hqagb95
-
MD5
be5f9409745c8c3853f3c320a1327960
-
SHA1
5e7269ed49c573dc4b8f3ce637c06dea9d2fff19
-
SHA256
e03a5fca15621bbb472355fa10771e72cd23c33021c5837aa05646329b3b59e1
-
SHA512
cd7e4495322b7ace19150355302828a1f9fcba7cc9af561a25fc0244a715ab2d3cdfdd9da0e0304a40175736d12930f14ab791439293473534e8b66534eecee5
-
SSDEEP
3072:/plLir2bgbHfeEMlUVZ/VGS7rN+kout8GXoYloDkldTGAJOcpQzzQQzUMdc:/pW2bgbbV28okoS1oWMkdlZQ5wQc
Static task
static1
Behavioral task
behavioral1
Sample
be5f9409745c8c3853f3c320a1327960_exe32.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
be5f9409745c8c3853f3c320a1327960_exe32.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
-
Target
be5f9409745c8c3853f3c320a1327960_exe32.exe
-
Size
210KB
-
MD5
be5f9409745c8c3853f3c320a1327960
-
SHA1
5e7269ed49c573dc4b8f3ce637c06dea9d2fff19
-
SHA256
e03a5fca15621bbb472355fa10771e72cd23c33021c5837aa05646329b3b59e1
-
SHA512
cd7e4495322b7ace19150355302828a1f9fcba7cc9af561a25fc0244a715ab2d3cdfdd9da0e0304a40175736d12930f14ab791439293473534e8b66534eecee5
-
SSDEEP
3072:/plLir2bgbHfeEMlUVZ/VGS7rN+kout8GXoYloDkldTGAJOcpQzzQQzUMdc:/pW2bgbbV28okoS1oWMkdlZQ5wQc
Score10/10-
Disables Task Manager via registry modification
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Modifies file permissions
-
Modifies system executable filetype association
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Event Triggered Execution
1Change Default File Association
1