General

Target: a71a8e88ff396e069603c47c20f0d605.exe
Size: 460KB
Sample: 240107-yac8yacfdq
MD5: a71a8e88ff396e069603c47c20f0d605
SHA1: 276e922218fe338523b12842f62b98128cef3155
SHA256: c9e67c13ad6c274dea95c1e27b72424ea3285958255e9e204100bca8f1f4839b
SHA512: bfc9b7037ab4bf004b261853cb4fae5b649eb0980fe62de246044c62dc77720d9e2e57ef335893a271a675abef10d910fba008b1f350a198263543ea62cad40b
SSDEEP: 12288:IYIaFfOOYXrkA+H6UZtT7SdYGDihVCXcFJD:X4Xrv6RTW9WDCXID
Static task: static1

Behavioral task: behavioral1
  Sample: a71a8e88ff396e069603c47c20f0d605.exe
  Resource: win7-20231215-en

Behavioral task: behavioral2
  Sample: a71a8e88ff396e069603c47c20f0d605.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
Target: a71a8e88ff396e069603c47c20f0d605.exe
Size: 460KB
MD5: a71a8e88ff396e069603c47c20f0d605
SHA1: 276e922218fe338523b12842f62b98128cef3155
SHA256: c9e67c13ad6c274dea95c1e27b72424ea3285958255e9e204100bca8f1f4839b
SHA512: bfc9b7037ab4bf004b261853cb4fae5b649eb0980fe62de246044c62dc77720d9e2e57ef335893a271a675abef10d910fba008b1f350a198263543ea62cad40b
SSDEEP: 12288:IYIaFfOOYXrkA+H6UZtT7SdYGDihVCXcFJD:X4Xrv6RTW9WDCXID
Score: 10/10

Signatures:
- Modifies visibility of file extensions in Explorer
- Checks computer location settings (looks up the country code configured in the registry, likely a geofence)
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Drops file in System32 directory
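Three of the signatures above leave registry artifacts a responder can check on a suspect host: the Run key used for autostart, the Explorer setting that controls whether file extensions are shown, and the location value a geofence would read. The script below is an added example, not part of the sandbox report or of the sample's own code. It parses a registry export in regedit's .reg format and flags those artifacts. The .reg text is constructed for illustration; the `Updater` entry and its `C:\Users\Public\Libraries\update.exe` path are made up and are not indicators from this sample, and the `Control Panel\International\Geo\Nation` value is assumed here to be the country setting the "Checks computer location settings" signature refers to.

```python
"""Scan a Windows .reg export for the artifacts named in the sandbox signatures:
a Run-key entry, the Explorer HideFileExt setting, and the Geo\\Nation value.
Added example; the registry content below is constructed, not from the sample."""
import re

# Constructed regedit export. Backslashes are doubled and embedded quotes
# escaped exactly as regedit writes them. The "Updater" entry is made up.
REG_SAMPLE = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Users\\alice\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"
"Updater"="C:\\Users\\Public\\Libraries\\update.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"HideFileExt"=dword:00000001
"Hidden"=dword:00000002

[HKEY_CURRENT_USER\Control Panel\International\Geo]
"Nation"="244"
"""

# Directories any user can write to; a Run entry pointing here deserves a look.
USER_WRITABLE_MARKERS = (r"\users\public", r"\appdata\local\temp",
                         r"\programdata", r"\windows\temp")

# Assumed host baseline: extensions shown (0). Windows' own default is 1
# (extensions hidden), so without a baseline this check alone is weak.
EXPECTED_HIDEFILEEXT = 0


def parse_reg(text):
    """Parse a .reg export into {key_path: {value_name: (type, data)}}.
    Handles quoted strings and dword values; multi-line hex values are skipped."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("Windows Registry Editor"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys[current] = {}
            continue
        m = re.match(r'^"((?:[^"\\]|\\.)*)"=(.*)$', line)
        if not m or current is None:
            continue  # "@=" defaults and anything unparsed are ignored
        name, data = m.group(1), m.group(2)
        if data.startswith("dword:"):
            keys[current][name] = ("dword", int(data[len("dword:"):], 16))
        elif len(data) >= 2 and data.startswith('"') and data.endswith('"'):
            # Undo regedit escaping: \" -> " first, then \\ -> \
            unescaped = data[1:-1].replace('\\"', '"').replace("\\\\", "\\")
            keys[current][name] = ("string", unescaped)
        else:
            keys[current][name] = ("other", data)
    return keys


def image_path(command):
    """Best-effort executable path from a Run value (quoted, or first token)."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    return command.split(" ")[0]  # unquoted paths containing spaces are ambiguous


def triage(keys, expected_hidefileext=EXPECTED_HIDEFILEEXT):
    """Return (finding, key, value_name, detail) tuples for the three artifact classes."""
    findings = []
    for key, values in keys.items():
        k = key.lower()
        # "Adds Run key to start application" (T1547.001)
        if k.endswith(r"\currentversion\run") or k.endswith(r"\currentversion\runonce"):
            for name, (typ, data) in values.items():
                if typ != "string":
                    continue
                img = image_path(data).lower()
                if any(marker in img for marker in USER_WRITABLE_MARKERS):
                    findings.append(("run_key_user_writable_path", key, name, img))
        # "Modifies visibility of file extensions in Explorer"
        if k.endswith(r"\explorer\advanced"):
            hfe = values.get("HideFileExt")
            if hfe is not None and hfe != ("dword", expected_hidefileext):
                findings.append(("hidefileext_deviates_from_baseline", key, "HideFileExt", hfe[1]))
        # "Checks computer location settings": the value a geofence would read (assumed location)
        if k.endswith(r"\control panel\international\geo"):
            nation = values.get("Nation")
            if nation is not None:
                findings.append(("geo_nation_info", key, "Nation", nation[1]))
    return findings


def run_sample():
    """Triage the constructed export; returns the findings list."""
    return triage(parse_reg(REG_SAMPLE))


if __name__ == "__main__":
    for finding in run_sample():
        print(finding)
```

Two caveats when applying this to a real host. The user-writable heuristic will not catch a Run entry that points into System32, which is where this report says the sample drops a file; for that case compare the hash of the referenced binary against the MD5/SHA1/SHA256 values in the General section rather than trusting the path. And because HideFileExt is 1 by default on Windows, the state of the value proves little on an unmanaged machine; the stronger signal is the write itself, which the sandbox's registry trace, or Sysmon Event ID 13 (registry value set) on an endpoint, records with the writing process.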
MITRE ATT&CK Enterprise v15

Privilege Escalation
- Abuse Elevation Control Mechanism (T1548): 1 signature
  - Bypass User Account Control (T1548.002): 1 signature
- Boot or Logon Autostart Execution (T1547): 1 signature
  - Registry Run Keys / Startup Folder (T1547.001): 1 signature