General
-
Target
netlimiter-5.3.14.0.exe
-
Size
10.3MB
-
Sample
240612-j9danawalf
-
MD5
d7236661463ab9e967eb8612d795fece
-
SHA1
53de81ddc66ee2fbc7519a55de370bc1e9442cbe
-
SHA256
f41253001076fdd8b8fb578cf485ee4d280139ecac0913093fb8117841c903ec
-
SHA512
15d812dace9753ae1c90dd5b4f0947da8125a264081b208831a28f5c3a60174b27a3ede2a1aae8cc282caf828250319e8ac8fd0f44ab0f34c308883633d49426
-
SSDEEP
196608:J5gk9KH9qXYkFD9nJ5Ove0BbZOqCPVV1Ur2ukAIe2y13NW:ceKdV6IBBkjFAIe1HW
Static task
static1
Behavioral task
behavioral1
Sample
netlimiter-5.3.14.0.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
netlimiter-5.3.14.0.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
netlimiter-5.3.14.0.exe
-
Size
10.3MB
-
MD5
d7236661463ab9e967eb8612d795fece
-
SHA1
53de81ddc66ee2fbc7519a55de370bc1e9442cbe
-
SHA256
f41253001076fdd8b8fb578cf485ee4d280139ecac0913093fb8117841c903ec
-
SHA512
15d812dace9753ae1c90dd5b4f0947da8125a264081b208831a28f5c3a60174b27a3ede2a1aae8cc282caf828250319e8ac8fd0f44ab0f34c308883633d49426
-
SSDEEP
196608:J5gk9KH9qXYkFD9nJ5Ove0BbZOqCPVV1Ur2ukAIe2y13NW:ceKdV6IBBkjFAIe1HW
Score8/10-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Modify Registry
2Subvert Trust Controls
1Install Root Certificate
1