General

  • Target

    be8ed1ed8a1d903c9f9d58d44f4fa4076aee7ea08e317acc3e94e8962105d0b5

  • Size

    2.5MB

  • Sample

    240604-cswmcaaa91

  • MD5

    0c5c1479d5d6afaf0da0295c95739492

  • SHA1

    43f9e49f5c0625926d7d3f544a3fd9306d76b3c0

  • SHA256

    be8ed1ed8a1d903c9f9d58d44f4fa4076aee7ea08e317acc3e94e8962105d0b5

  • SHA512

    8ea904ffdb12e04573a5aa27760aafbfc8fb950463a216410559fc1aa838af0ae8d86c417c3061f0060b3230a82074344bab63f9b3cc7dc785910a3ba82229cc

  • SSDEEP

    49152:9XRMCd4rFvy/3+eNMoQIQnocsvwaiVIGFZAAYzdT0eyGE/vnCXIu:xRe4muQ5noc0wBVtqAYpmVni

Malware Config

Targets

    • Target

      be8ed1ed8a1d903c9f9d58d44f4fa4076aee7ea08e317acc3e94e8962105d0b5

    • Size

      2.5MB

    • MD5

      0c5c1479d5d6afaf0da0295c95739492

    • SHA1

      43f9e49f5c0625926d7d3f544a3fd9306d76b3c0

    • SHA256

      be8ed1ed8a1d903c9f9d58d44f4fa4076aee7ea08e317acc3e94e8962105d0b5

    • SHA512

      8ea904ffdb12e04573a5aa27760aafbfc8fb950463a216410559fc1aa838af0ae8d86c417c3061f0060b3230a82074344bab63f9b3cc7dc785910a3ba82229cc

    • SSDEEP

      49152:9XRMCd4rFvy/3+eNMoQIQnocsvwaiVIGFZAAYzdT0eyGE/vnCXIu:xRe4muQ5noc0wBVtqAYpmVni

    • UAC bypass

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks