General
-
Target
36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73
-
Size
1.3MB
-
Sample
240618-nsjtbs1hrg
-
MD5
9fa20af5ee7e0440c334587c3ccde6c8
-
SHA1
e8d18361d8eb7d1c66166bb0ba1d12bd72e206d6
-
SHA256
36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73
-
SHA512
d3299fdc9242e974955e5d42fe0a91fda3b10140c3c805017ca9ba138d96a9b7252e691a0fe3184c46bc6d6205f03d17bee92b220a986bf3c16bbad9aa57b55f
-
SSDEEP
24576:/sGoPM9jkPd17jwfYl7jy0hslMQwKQnjr51uTiZxv879kENIdLwN4ZASFD:OM9QPdxwfE7WlFwKAfzuTiDFUFk
Static task
static1
Behavioral task
behavioral1
Sample
36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Event Triggered Execution: Image File Execution Options Injection
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Boot or Logon Autostart Execution (1)
Active Setup (1)
Event Triggered Execution (2)
Image File Execution Options Injection (1)
Component Object Model Hijacking (1)