General
- Target: RazerCortexInstaller.exe
- Size: 8.6MB
- Sample: 240208-yb432sbf45
- MD5: cc42f16541090d229cd4f694e3c12dda
- SHA1: e730aadead56ec9b91e8887b67c4f5b683997c30
- SHA256: 772657670015a4f966f586b8ff157892c75cda6d7b3e5446b43e7e87366768e7
- SHA512: 603d8584d797cae3de7d3ee90e692c2f34c187c375554da0a92a173c9cf82403471a17e5c1b831db609b6492e7965c83f23c07036b73ca8504d0ca9b3ef63297
- SSDEEP: 196608:gvQO/26iZrVG5Jf808zwUIvP4Btk3CDHKhiBm4omLvorU:sQO/DEkf8xzw734BtnSCmlmDT
Static task: static1
Behavioral task: behavioral1
- Sample: RazerCortexInstaller.exe
- Resource: win7-20231215-en
Malware Config
Targets
- Target: RazerCortexInstaller.exe
- Size: 8.6MB
Score: 10/10
- Adds Run key to start application
- Downloads MZ/PE file
- Checks computer location settings: looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
Defense Evasion
- Modify Registry (3)
- Subvert Trust Controls (1)
  - Install Root Certificate (1)