General
-
Target
b6830195e7cdcdfa8e7f87dcb95987d3b3028cd46d2a7062bf04967a41fe1193
-
Size
328KB
-
Sample
240524-cp3w9ahg3v
-
MD5
13b9b3ff670d941dabf74a6088b9e59b
-
SHA1
157da615451e2f00250cb583d8232033869e31aa
-
SHA256
b6830195e7cdcdfa8e7f87dcb95987d3b3028cd46d2a7062bf04967a41fe1193
-
SHA512
d797cb3bc58a1999dd932a2934d19e0b1ea5c064eca3816dc3d1f24c6a9f15b7a337fc320f7d417a02249dbdd1ef2ec4f7a2ca5e383031ab58a5de1d92f18945
-
SSDEEP
6144:J2XgY8FFX7Z6A/P352p4gFs/e8PeAZuon2T5T7UcIGMAQTeJ:J2X1cFx/PAp4ks/e6Fn2dEZGjQSJ
Static task
static1
Behavioral task
behavioral1
Sample
b6830195e7cdcdfa8e7f87dcb95987d3b3028cd46d2a7062bf04967a41fe1193.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
b6830195e7cdcdfa8e7f87dcb95987d3b3028cd46d2a7062bf04967a41fe1193.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
b6830195e7cdcdfa8e7f87dcb95987d3b3028cd46d2a7062bf04967a41fe1193
-
Size
328KB
-
MD5
13b9b3ff670d941dabf74a6088b9e59b
-
SHA1
157da615451e2f00250cb583d8232033869e31aa
-
SHA256
b6830195e7cdcdfa8e7f87dcb95987d3b3028cd46d2a7062bf04967a41fe1193
-
SHA512
d797cb3bc58a1999dd932a2934d19e0b1ea5c064eca3816dc3d1f24c6a9f15b7a337fc320f7d417a02249dbdd1ef2ec4f7a2ca5e383031ab58a5de1d92f18945
-
SSDEEP
6144:J2XgY8FFX7Z6A/P352p4gFs/e8PeAZuon2T5T7UcIGMAQTeJ:J2X1cFx/PAp4ks/e6Fn2dEZGjQSJ
Score10/10-
Modifies firewall policy service
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1