General
-
Target
watch
-
Size
922KB
-
Sample
240302-sl946aeg87
-
MD5
f20a172b55dd6d61d41344b87d25b87c
-
SHA1
82bab088cfafdf363ec3ff801c7b7eaf98b42125
-
SHA256
7b3e191772f3dc54bad1e33e4811d286dd5c4faaa7ecb232aa199444264d14d8
-
SHA512
5ad0f81d85b646d2799baba49cdea42c17cbd589cb28462cd66fc8147ccc11fc5409dab6315053cab4b4517724e7dce16bfdb0b460de139e6dbc4f25aabb7539
-
SSDEEP
24576:q+kRsem6IyWioVoirUyY2eQBVOFvxQ3DFVIg:q+1
Static task
static1
Behavioral task
behavioral1
Sample
watch.html
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
watch.html
Resource
win10-20240221-en
Behavioral task
behavioral3
Sample
watch.html
Resource
win10v2004-20240226-en
Behavioral task
behavioral4
Sample
watch.html
Resource
win11-20240221-en
Malware Config
Targets
-
-
Target
watch
-
Size
922KB
-
MD5
f20a172b55dd6d61d41344b87d25b87c
-
SHA1
82bab088cfafdf363ec3ff801c7b7eaf98b42125
-
SHA256
7b3e191772f3dc54bad1e33e4811d286dd5c4faaa7ecb232aa199444264d14d8
-
SHA512
5ad0f81d85b646d2799baba49cdea42c17cbd589cb28462cd66fc8147ccc11fc5409dab6315053cab4b4517724e7dce16bfdb0b460de139e6dbc4f25aabb7539
-
SSDEEP
24576:q+kRsem6IyWioVoirUyY2eQBVOFvxQ3DFVIg:q+1
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Registers COM server for autorun
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Event Triggered Execution
1Change Default File Association
1