General
-
Target
be8ed1ed8a1d903c9f9d58d44f4fa4076aee7ea08e317acc3e94e8962105d0b5
-
Size
2.5MB
-
Sample
240604-cswmcaaa91
-
MD5
0c5c1479d5d6afaf0da0295c95739492
-
SHA1
43f9e49f5c0625926d7d3f544a3fd9306d76b3c0
-
SHA256
be8ed1ed8a1d903c9f9d58d44f4fa4076aee7ea08e317acc3e94e8962105d0b5
-
SHA512
8ea904ffdb12e04573a5aa27760aafbfc8fb950463a216410559fc1aa838af0ae8d86c417c3061f0060b3230a82074344bab63f9b3cc7dc785910a3ba82229cc
-
SSDEEP
49152:9XRMCd4rFvy/3+eNMoQIQnocsvwaiVIGFZAAYzdT0eyGE/vnCXIu:xRe4muQ5noc0wBVtqAYpmVni
Static task
static1
Behavioral task
behavioral1
Sample
be8ed1ed8a1d903c9f9d58d44f4fa4076aee7ea08e317acc3e94e8962105d0b5.exe
Resource
win7-20240221-en
Malware Config
Targets
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)