General
Target: utweb_installer.exe
Size: 1.7MB
Sample: 240212-yql6sada75
MD5: d3e8379a1185e45bde402972053ec8f3
SHA1: 251a2b0939fb13e9579c14f68292c50d6840efa2
SHA256: a5e72692351e862db0edeba05db2675e0412b81affeee1c51d636564a54de1f0
SHA512: a4577753a62d26158cb3cfcefec627b28c113e658acbc4cccc80cceec73fe478151fb05301a0dd0506434d4cef65a4411f24b51cb8ff90a581c0cedb6caf967a
SSDEEP: 24576:H7FUDowAyrTVE3U5FhWLf6pA2tcDiodLaHaDzV/dDB8jJj5gu:HBuZrEU8LUc6ezV/cjbgu
Static task: static1
Behavioral task: behavioral1
  Sample: utweb_installer.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: utweb_installer.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
Score: 8/10
Creates new service(s)
Adds Run key to start application
Checks for any installed AV software in registry
Downloads MZ/PE file
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (2)
  Create or Modify System Process (1)
    Windows Service (1)
Privilege Escalation
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (2)
  Create or Modify System Process (1)
    Windows Service (1)
Defense Evasion
  Modify Registry (2)
  Subvert Trust Controls (1)
    Install Root Certificate (1)