General
-
Target
74331fc1a01348185f62475ee5471472
-
Size
1.4MB
-
Sample
240125-kaha1abhc6
-
MD5
74331fc1a01348185f62475ee5471472
-
SHA1
9c03c6dfc9786dfb960e5d4b1bd6db4fe5a036b2
-
SHA256
d2c38cecf49e55b35607cb0407a427fc6c0003909038466c8242120703fc7202
-
SHA512
114069ecf6ba1ff2b101cc6c86de3a5a95ae9b0e7517fdabda057507fcf4ccf76e87516ba019666504f57abbfb011dad3bfa87382d88f74bb913eb81af63fa32
-
SSDEEP
24576:BzMhy7MCOI7QAJcJpItV8xjPhrmR4Y4ptRNEg2JUYnbuR656+3xCu8kjfaY:BBMCOIBWOtmxjPkyYElOUK6R6pou1fB
Malware Config
Targets
-
-
Target
74331fc1a01348185f62475ee5471472
-
Size
1.4MB
-
MD5
74331fc1a01348185f62475ee5471472
-
SHA1
9c03c6dfc9786dfb960e5d4b1bd6db4fe5a036b2
-
SHA256
d2c38cecf49e55b35607cb0407a427fc6c0003909038466c8242120703fc7202
-
SHA512
114069ecf6ba1ff2b101cc6c86de3a5a95ae9b0e7517fdabda057507fcf4ccf76e87516ba019666504f57abbfb011dad3bfa87382d88f74bb913eb81af63fa32
-
SSDEEP
24576:BzMhy7MCOI7QAJcJpItV8xjPhrmR4Y4ptRNEg2JUYnbuR656+3xCu8kjfaY:BBMCOIBWOtmxjPkyYElOUK6R6pou1fB
Score10/10-
UAC bypass
-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1