General

  • Target

    f76cf350092cc2f70bf3bb82e285ece37cdce8e949bfb0928b97da782252446c

  • Size

    4.8MB

  • Sample

    240523-fmh1vaee4w

  • MD5

    33f0bc33e0561fdf73e14da630053a23

  • SHA1

    47cf5e35720cca9292d2576ad56b260196712f9a

  • SHA256

    f76cf350092cc2f70bf3bb82e285ece37cdce8e949bfb0928b97da782252446c

  • SHA512

    47f55e600864e20d51a2665a366cf869bc4edf6d35ed0fc10a49f2254e71c3810c46433dc1ee386dd856f3a07694dd1c27a02be9bfef87d9686748d476508611

  • SSDEEP

    98304:M3v+7Mi/ME3pKNcwUNXB6wQm+LFmm9rSAeIMxKmF6vq5y/ramhWm1:Mf+IE5KsNXBDALF/6rxsGmhWm1

Score
10/10

Malware Config

Targets

    Score
    10/10
    • UAC bypass

    • Checks computer location settings

      Reads the country code configured in the registry, most likely a geofencing check so the payload runs only on hosts in (or outside) particular regions.

    • Executes dropped EXE

    • Loads dropped DLL
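
The location check above is worth confirming in your own trace rather than taking on the sandbox's word. The following is an added example, not code from the report or from the sample: it scans a Process Monitor style CSV registry trace for reads of the values Windows keeps the configured country and locale in, groups the hits by process, and tags them with the T1012/T1082 techniques the matrix below lists. The exact value names (HKCU\Control Panel\International\Geo\Nation and the related locale values) are an assumption about what "looks up country code configured in the registry" resolves to; the report does not name them. The trace rows and the column layout are constructed for the example.

```python
"""Detect country-code / locale lookups in a Process Monitor CSV registry trace.

Added example; not code from the sandbox report or the sample. The value names
below are an assumption about what "looks up country code configured in the
registry" resolves to on Windows; the report does not name the exact values.
"""
import csv
import io
import re
from collections import defaultdict

# Registry values that hold the configured country / locale (assumed set).
GEO_VALUE_PATTERNS = [
    re.compile(r"\\Control Panel\\International\\Geo\\(Nation|Name)$", re.IGNORECASE),
    re.compile(r"\\Control Panel\\International\\(LocaleName|sCountry)$", re.IGNORECASE),
    re.compile(r"\\Control\\Nls\\Language\\(Default|InstallLanguage)$", re.IGNORECASE),
]

# Only value reads count; RegSetValue/RegOpenKey are ignored so a process that
# writes or merely opens the key is not reported as geofencing.
READ_OPERATIONS = {"RegQueryValue"}

# Constructed trace in the column layout of a Procmon CSV export (assumption).
SAMPLE_TRACE = r"""
"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:00:01.0000000","payload.exe","4120","RegOpenKey","HKCU\Control Panel\International\Geo","SUCCESS","Desired Access: Read"
"10:00:01.0001000","payload.exe","4120","RegQueryValue","HKCU\Control Panel\International\Geo\Nation","SUCCESS","Type: REG_SZ, Length: 8, Data: 244"
"10:00:01.0002000","payload.exe","4120","RegQueryValue","HKCU\Control Panel\International\Geo\Name","NAME NOT FOUND","Length: 144"
"10:00:01.0003000","payload.exe","4120","RegQueryValue","HKCU\Control Panel\International\LocaleName","SUCCESS","Type: REG_SZ, Length: 12, Data: en-US"
"10:00:01.0004000","payload.exe","4120","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName","SUCCESS","Type: REG_SZ, Length: 30, Data: Windows 10 Pro"
"10:00:02.0000000","explorer.exe","1234","RegQueryValue","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden","SUCCESS","Type: REG_DWORD, Length: 4, Data: 2"
"10:00:02.5000000","SystemSettings.exe","2200","RegSetValue","HKCU\Control Panel\International\Geo\Nation","SUCCESS","Type: REG_SZ, Length: 8, Data: 223"
"10:00:03.0000000","svchost.exe","900","RegQueryValue","HKCU\Control Panel\International\Geo\Nation","SUCCESS","Type: REG_SZ, Length: 8, Data: 244"
""".strip()

_DATA_RE = re.compile(r"Data:\s*(.+)$")


def parse_procmon_csv(text):
    """Parse a Procmon CSV export (header row plus quoted fields) into dicts."""
    return list(csv.DictReader(io.StringIO(text)))


def is_geo_read(record):
    """True when the row is a value read of one of the geo/locale values."""
    return record["Operation"] in READ_OPERATIONS and any(
        pattern.search(record["Path"]) for pattern in GEO_VALUE_PATTERNS
    )


def value_read(detail):
    """Pull the returned data out of Procmon's Detail column, or None if absent
    (e.g. a NAME NOT FOUND read carries only a length)."""
    match = _DATA_RE.search(detail)
    return match.group(1).strip() if match else None


def find_geofence_reads(records):
    """One hit per geo value read: (process, pid, path, data-or-None).
    Failed reads are kept: the lookup itself is the indicator, not its result."""
    return [
        (r["Process Name"], r["PID"], r["Path"], value_read(r["Detail"]))
        for r in records
        if is_geo_read(r)
    ]


def flag_processes(records, min_values=1):
    """Group geo reads by PID. A process is reported only if it read at least
    min_values distinct geo values; raising the threshold filters Windows
    components that legitimately read a single value such as Geo\\Nation."""
    by_pid = defaultdict(lambda: {"process": None, "values": {}})
    for proc, pid, path, data in find_geofence_reads(records):
        by_pid[pid]["process"] = proc
        by_pid[pid]["values"][path] = data
    return {
        pid: {
            "process": info["process"],
            "values": info["values"],
            "attack": ["T1012", "T1082"],  # techniques the report's matrix lists
        }
        for pid, info in by_pid.items()
        if len(info["values"]) >= min_values
    }


if __name__ == "__main__":
    for pid, info in flag_processes(parse_procmon_csv(SAMPLE_TRACE), min_values=2).items():
        print(pid, info["process"], info["values"], info["attack"])
```

Against a real export, call `flag_processes(parse_procmon_csv(open(path).read()), min_values=2)`. The threshold matters: Windows components read `Geo\Nation` on their own (the constructed `svchost.exe` row stands in for that), so a single read is weak evidence, while a process that reads the GeoID, the locale name and the country name in one burst is the pattern the sandbox signature is describing. The write by the constructed `SystemSettings.exe` row is deliberately not reported.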

MITRE ATT&CK Matrix (ATT&CK v13)

The number after each technique is how many of the matched signatures map to it.

Privilege Escalation

  • Abuse Elevation Control Mechanism (T1548): 1

    • Bypass User Account Control (T1548.002): 1

Defense Evasion

  • Abuse Elevation Control Mechanism (T1548): 1

    • Bypass User Account Control (T1548.002): 1

  • Impair Defenses (T1562): 1

    • Disable or Modify Tools (T1562.001): 1

  • Modify Registry (T1112): 1

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2

Tasks