General

  • Target

    9d3e2f47c9e19eb3dd2ad6ff1b00ae5e7b429c4c997268a42b3f75c6d448090a.exe

  • Size

    925KB

  • Sample

    240523-b8pnashc6v

  • MD5

    45cc1bf65d887b4899f7c212b271e578

  • SHA1

    95091ef8a659d6dbde4119cf45d8bc7600be35bd

  • SHA256

    9d3e2f47c9e19eb3dd2ad6ff1b00ae5e7b429c4c997268a42b3f75c6d448090a

  • SHA512

    aaeecd5fc1c395de750be26a62eac4c993d54da38ee6210c03c113fb33ae91b8e6cd3088e5101d54fdbe2708ca4fc479cf0956979622aebfe2cc71fce22bc326

  • SSDEEP

    12288:vLdUcmDiSGP31lk463i3tINrHtkvT3Op44ZOloWvOkR:vLdeiNS4Oi9IN3p7OloWvV

Score
8/10

Malware Config

Targets

    • Target

      9d3e2f47c9e19eb3dd2ad6ff1b00ae5e7b429c4c997268a42b3f75c6d448090a.exe

    • Size

      925KB

    • MD5

      45cc1bf65d887b4899f7c212b271e578

    • SHA1

      95091ef8a659d6dbde4119cf45d8bc7600be35bd

    • SHA256

      9d3e2f47c9e19eb3dd2ad6ff1b00ae5e7b429c4c997268a42b3f75c6d448090a

    • SHA512

      aaeecd5fc1c395de750be26a62eac4c993d54da38ee6210c03c113fb33ae91b8e6cd3088e5101d54fdbe2708ca4fc479cf0956979622aebfe2cc71fce22bc326

    • SSDEEP

      12288:vLdUcmDiSGP31lk463i3tINrHtkvT3Op44ZOloWvOkR:vLdeiNS4Oi9IN3p7OloWvV

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks