General
-
Target
a5e7d573e91033eb9bc300186f754394a91a114c73a6661d31dfb8225209030d
-
Size
312KB
-
Sample
240226-1xefmahc38
-
MD5
ae68f525110174d36fd0a78f728ec1ac
-
SHA1
a1e118f23dfc15269400bd059d5960caf01a6ebe
-
SHA256
a5e7d573e91033eb9bc300186f754394a91a114c73a6661d31dfb8225209030d
-
SHA512
acdb4617b5c8aca3cab43d5af963f076d14bd9a55b4b0ad95f65490ee125022424453a1b0fd71776205027b1fc266e5918db44a7b81bb0d29befb34b1d8d741b
-
SSDEEP
6144:yMNCha6O+chMWnhE/deKaG6+9DzZzNIT9OsUp9kBbCSCH/:yMNCha6O+EMcKFJ6+93ZuokBWS
Behavioral task
behavioral1
Sample
a5e7d573e91033eb9bc300186f754394a91a114c73a6661d31dfb8225209030d.exe
Resource
win7-20240221-en
Malware Config
Extracted
arkei
Default
Targets
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1