General

  • Target

    aeeafd1474a87877c7de2e5e1c0b8a249d84db170c44411531d77fc5c9c7d258.exe

  • Size

    2.6MB

  • Sample

    240613-cbazbazfmg

  • MD5

    3270851a7cca5589082b87fb8b194cc1

  • SHA1

    6785476c377dabde279dd885a3454585a5abc3fa

  • SHA256

    aeeafd1474a87877c7de2e5e1c0b8a249d84db170c44411531d77fc5c9c7d258

  • SHA512

    da5e0abb6013713bec02953eeeaead170535298afc7d2ba8b75bece8379ce167626408b50279da2d7df9d9f4252ab615cb2794e8e348cd92ca3fa74f0648c03a

  • SSDEEP

    49152:F5wKJTfztRqE7An4T9acW8oKFZhK1eKqSANa0pc/FVNQbQ3sdanDJ4vE3oB0:QG1YwacWkZUenZNpcdVN3JnDZ3

Score
10/10

Targets

    • Target

      aeeafd1474a87877c7de2e5e1c0b8a249d84db170c44411531d77fc5c9c7d258.exe

    Score
    9/10

    • Detects executables packed with SmartAssembly

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
