General
Target: GEN3i7iUpdatePackageV8.exe
Size: 130.0MB
Sample: 240603-k14xpaba33
MD5: d40d2db2fb0f836a494a5a1dd3fcc687
SHA1: 57fbb96d52dda7e1e34bffcda8ffaa5d8466448a
SHA256: 4cec01304868ca6c3c2011b93cb55810f6511b71a5ee52f4c8dc608f78e42067
SHA512: cd28c9ed9682e8d8fbfc30215eb4d9259d1258dbb552de55b49883f806968337e78386f6ec0c1725b161cbebea6889a31746fa2300397352f52f7d8588291f87
SSDEEP: 3145728:wsXWrBn5qDA8DHDSNCaP++Zqm87AjiDTPhlgiZOp++PvERLoY8r:7XWrBn5qBL8Ghm8xT/Z4nEFoBr
Static task: static1
Behavioral task: behavioral1
  Sample: GEN3i7iUpdatePackageV8.exe
  Resource: win10v2004-20240508-en
Malware Config
Targets
  Target: GEN3i7iUpdatePackageV8.exe (130.0MB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General above)
Score: 10/10
Signatures
  Checks computer location settings
    Looks up the country code configured in the registry, likely a geofence check.
  Executes dropped EXE
  Adds Run key to start application
  Drops autorun.inf file
    Malware can abuse Windows Autorun to spread further via attached volumes.
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Impair Defenses (1)
    Disable or Modify Tools (1)
  Modify Registry (3)