General
Target: 0a7a9a7f98f1c04893b5225fada2f1c2
Size: 1.2MB
Sample: 231224-wpjm6adegj
MD5: 0a7a9a7f98f1c04893b5225fada2f1c2
SHA1: 7a2efc197f2d6dadb60621174fb0c4a5085b8c41
SHA256: e8aed0c136cdb9bc4e945af74612a6acfe7f40345746f0ab30ade612a6d2c935
SHA512: c614909d57492f27dd3b0e1142755220487914b144da00bb28405f5cb20c452179d4a1b025a6df541c54c24cbcca3e46089458ac179e940d8998bd5369018c7b
SSDEEP: 3072:aWGy5OYg60KG+LVowg/e3QT10CF0L+LW1HRDHXJxEHMjx8c7n5diH5n4UJYjaVq:Fp8I6rMMD/0J0Sh3p
Static task: static1
Behavioral task: behavioral1
  Sample: 0a7a9a7f98f1c04893b5225fada2f1c2.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 0a7a9a7f98f1c04893b5225fada2f1c2.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 0a7a9a7f98f1c04893b5225fada2f1c2
Score: 10/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)