General
-
Target
37c62caa6daf10c902b9d26883676e8c
-
Size
1.4MB
-
Sample
231231-qlm9aaacer
-
MD5
37c62caa6daf10c902b9d26883676e8c
-
SHA1
a17054537a5e362d6ef5ea9c568e3e189cf76249
-
SHA256
8ed2643b627fbf3cc329702f06143cdb7e4595de52ff226f2fa2d3dc63cc1abe
-
SHA512
e48e312f6e0e052a5372029f0edb800e15b259e218e0c3bcf4fc467d2be55dbddcb2119d04df99d139e3bf4cb5a41edf442b34afe648c3888db6367508186bef
-
SSDEEP
24576:OvNHE7utQAp1n/+/s7f7idIVHPrxnzvh2hXfGLAlJU325BXsOnBZncmbabqDhGL5:OHQumAp1/+/Mj/PrxnFmfGiU3iXsOnbu
Malware Config
Targets
-
-
Target
37c62caa6daf10c902b9d26883676e8c
-
Size
1.4MB
-
MD5
37c62caa6daf10c902b9d26883676e8c
-
SHA1
a17054537a5e362d6ef5ea9c568e3e189cf76249
-
SHA256
8ed2643b627fbf3cc329702f06143cdb7e4595de52ff226f2fa2d3dc63cc1abe
-
SHA512
e48e312f6e0e052a5372029f0edb800e15b259e218e0c3bcf4fc467d2be55dbddcb2119d04df99d139e3bf4cb5a41edf442b34afe648c3888db6367508186bef
-
SSDEEP
24576:OvNHE7utQAp1n/+/s7f7idIVHPrxnzvh2hXfGLAlJU325BXsOnBZncmbabqDhGL5:OHQumAp1/+/Mj/PrxnFmfGiU3iXsOnbu
Score8/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1