General
Target: N360-ESD-22.20.5.39-EN.exe
Size: 182.6MB
Sample: 240323-h924caee78
MD5: c179f7d042f45101ff3a198004514cf4
SHA1: 94ae03eedcfb23fcebbee53f6120d601d6e5a9fe
SHA256: bb25d8e75f97ec0040a30361fade5f5fb17cb282502928f5e4344b7193490974
SHA512: a39976e86735c266a6d7e7a22d7b1762c8f03dfa2e95528f9cda46de96e889594f327efd1a23717058d16e549ba4abb1f13f7765cafcc662969ac8dbacaaedaa
SSDEEP: 3145728:OX39GeVIqEhI3o4dwuG2Z/0peaElPssxz9jzPhfl7DotpZbY8GClJsgWCZ2QCptW:G3EYIE5dG0iFvEz9JFDupZbIe9WCZ2QN
Static task: static1
Behavioral task: behavioral1
Sample: N360-ESD-22.20.5.39-EN.exe
Resource: win10v2004-20231215-es
Malware Config
Targets
Target: N360-ESD-22.20.5.39-EN.exe
Score: 8/10
Drops file in Drivers directory
Adds Run key to start application
Drops desktop.ini file(s)
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (2)
  Browser Extensions (1)
Privilege Escalation
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (2)
Defense Evasion
  Modify Registry (4)
  Subvert Trust Controls (1)
    Install Root Certificate (1)