General
Target: cd7c18a8df57946a2e161a8b9f2e45d8d1a98377298dd4cc678e0faba8357124
Size: 5.9MB
Sample: 240423-elvskscg7t
MD5: 2e059dba0c532c7a5b25c15b7d05ff1e
SHA1: c44e87fd2efcc1ffc180ef95fae719fe1e90a7f9
SHA256: cd7c18a8df57946a2e161a8b9f2e45d8d1a98377298dd4cc678e0faba8357124
SHA512: 508d869f972b7a384564501995f9eed62cf0df2ef88fdaa5a92e0f293ddd54938feb1f66761510e5f892f5a36a58fd42ad20472ede3f808f2fc8955989207034
SSDEEP: 98304:mn4fMJBeiJ9a3N8rP4S18frP3wbzWFimaI7dloh:iPBeiJ9ad9gbzWFimaI7dl+
Static task: static1
Behavioral task: behavioral1
  Sample: cd7c18a8df57946a2e161a8b9f2e45d8d1a98377298dd4cc678e0faba8357124.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: cd7c18a8df57946a2e161a8b9f2e45d8d1a98377298dd4cc678e0faba8357124.exe
  Resource: win10v2004-20240226-en
Malware Config
Targets
Score: 10/10
Signatures:
- Modifies visibility of hidden/system files in Explorer
- Detects binaries (Windows and macOS) referencing many web browsers. Observed in information stealers.
- Detects executables containing SQL queries to confidential data stores. Observed in infostealers.
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Drops file in System32 directory
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Browser Extensions (1)
  Scheduled Task/Job (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Scheduled Task/Job (1)