General
-
Target
Client.exe
-
Size
157KB
-
Sample
240530-qb4taahe7x
-
MD5
2560eaeea2f78be73934dff77dc21115
-
SHA1
47da9e0270fdd3c762dcb371614eaf4ff67add03
-
SHA256
c5bbe1f75d15903b38f0c1e944b8205dcbbb8033206b22921ad90bc64b0699e6
-
SHA512
5ac9af16716e2e9ffa1cec0f74f273468789caf157ddfe7cbf20e6efdf03ad5f0c86d46bf8944c15a79c8d890ec4f683a9c4758c44c3ce5a5f0d3915f9fe977c
-
SSDEEP
3072:CISoucNzBhW8cKaf7uWQOPodew6FPudZjbahd1P+Aw+RMqgZ:YK5cKsK/jdew6xulbaP+ug
Static task
static1
Behavioral task
behavioral1
Sample
Client.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
Client.exe
Score
10/10
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)