General
-
Target
activator.EXE
-
Size
614KB
-
Sample
240413-rrqr2aea99
-
MD5
e1ca7a609027fa33081ccf5f22bedd6c
-
SHA1
59aeb5c2e12be9f7cce24604c0c5830590c80603
-
SHA256
4de3e7bb2099b0d25d483d8ec3e0e8976d4cec3ba2f9d49709785f3ff1211498
-
SHA512
768f8549a75fcba4c778017a761372a4bdec877a6fd11f33367235711d05e54f804e764580c919d7ff269b434add69c357b5d5afe7dc37d5ca35de2ce7d3f05f
-
SSDEEP
12288:ebDo7YNQ62YcKify3iNk+eoTYwhK7kOOnSr3/35ellbLdx6hw9Bz7:UcwQBsiK30eoTYwhbhnQ3v0lP9B
Static task
static1
Behavioral task
behavioral1
Sample
activator.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
activator.EXE
-
Size
614KB
-
MD5
e1ca7a609027fa33081ccf5f22bedd6c
-
SHA1
59aeb5c2e12be9f7cce24604c0c5830590c80603
-
SHA256
4de3e7bb2099b0d25d483d8ec3e0e8976d4cec3ba2f9d49709785f3ff1211498
-
SHA512
768f8549a75fcba4c778017a761372a4bdec877a6fd11f33367235711d05e54f804e764580c919d7ff269b434add69c357b5d5afe7dc37d5ca35de2ce7d3f05f
-
SSDEEP
12288:ebDo7YNQ62YcKify3iNk+eoTYwhK7kOOnSr3/35ellbLdx6hw9Bz7:UcwQBsiK30eoTYwhbhnQ3v0lP9B
Score10/10-
Modifies Windows Firewall
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1