General

  • Target

    09052024_0312_09052024_SKM_C33501911071023003.rar

  • Size

    733KB

  • Sample

    240509-dql6kafd4w

  • MD5

    113a76be3948a14562e6cddcb5adb436

  • SHA1

    9dcc5fcb14e96c206f1d469ed8f14abc9e4b14ee

  • SHA256

    02a4f3723a33051107a8dc9c586e598fe6cc0768e650a1f3fda9883016899f5e

  • SHA512

    dafc0050bb861886b8ca8f2b1af6ee60e858fdacb99464347328db309ee2bdbb1f4e1512fdae36d18549b0ea032dce0758e1e5a4b2f2261a81f0c84d8e3381e3

  • SSDEEP

    12288:ljYDzbaXxe7RobZ6nKpAjp44gUKbPHrDT2+B6VnBXYxikOC7HziQXFCvy9UMrTuN:izb97RlKP4CbPHrDTxB6VnBXoikOJ/co

Score
8/10

Malware Config

Targets

    • Target

      SKM_C33501911071023003.exe

    • Size

      958KB

    • MD5

      60919367b965fdc16bd176e18f55f4bc

    • SHA1

      f67b7b203b5c320ea99b2c124d2cda275f396606

    • SHA256

      8d06422e84184ba0a6a20a12e4fe75b09db8286f2862c971d25bc243699955d1

    • SHA512

      2360f54602986c38c135f25de769f520d781a08f5751cbc99f9f5e31c2c462f7c028a36ec87033eb42466cff571b475648398bfbebeafadaf2240824d08d55ae

    • SSDEEP

      24576:qP6D4rOjZA603JlKvy7StXz7Y4uRV/4ucN+Kwyecj+rMrfdf8GbrfdYujvWw6nCS:FMi6wq+kV4Ll

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15