General
Target: P.exe
Size: 27.9MB
Sample: 240618-ss1jasyhre
MD5: 5b3558cf8679391fbf4d2392323ca741
SHA1: 0a0fa7f2de6082923b590745c6b90ec8008ad729
SHA256: 547fc9e56ecd3e72430eefd14fc934ac1e25acc256f0e5ddd86ed5637dc096c3
SHA512: 7811b645b042ccb4a374840775931fdafdd271bf60ee70f8d0b355c823b7550202a854716e0c349efb3b669d98d1027df71acf4a9fc2d247b542be8b14c43972
SSDEEP: 393216:XmRzc5GLKoyCeXJ+Sxr4xONXW1mMYN+vlKhEh6zhWazOJ:MTLKoyCeXJ+Sxr4xONXWoM3qEE4ayJ
Static task
static1

Behavioral tasks
behavioral1: P.exe, resource win7-20240220-en
behavioral2: P.exe, resource win10-20240404-en
behavioral3: P.exe, resource win10v2004-20240508-en
behavioral4: P.exe, resource win11-20240611-en
Malware Config

Targets
Target: P.exe
Score: 10/10
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence check.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.
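As an added example (not part of the sandbox report or its own detection rules), the following Python maps a constructed stream of behavioural events to the four signature names listed above. The `op|process|target` event format, the sample events, and the registry value a geofence check would read (`Control Panel\International\Geo\Nation`; the report only says "country code configured in the registry") are assumptions made for illustration. "Dropped" is taken to mean any path the sample or its children wrote earlier in the same trace.

```python
import re

# Constructed sample events in an assumed "op|process|target" format. These are
# illustrative, not captured from P.exe, and this is not the sandbox's log format.
SAMPLE_EVENTS = [
    "regquery|P.exe|HKCU\\Control Panel\\International\\Geo\\Nation",
    "fileopen|P.exe|C:\\",
    "fileopen|P.exe|D:\\",
    "fileopen|P.exe|E:\\",
    "filewrite|P.exe|C:\\Users\\user\\AppData\\Local\\Temp\\stage2.exe",
    "procstart|P.exe|C:\\Users\\user\\AppData\\Local\\Temp\\stage2.exe",
    "filewrite|stage2.exe|C:\\Users\\user\\AppData\\Local\\Temp\\helper.dll",
    "loadlib|stage2.exe|C:\\Users\\user\\AppData\\Local\\Temp\\helper.dll",
    "loadlib|stage2.exe|C:\\Windows\\System32\\kernel32.dll",
]

# Assumed registry value read by a geofence check; the report does not name the key.
GEO_VALUE_SUFFIX = "\\control panel\\international\\geo\\nation"
# A bare drive root such as "D:\" (exactly letter, colon, one backslash).
DRIVE_ROOT = re.compile(r"^([A-Za-z]):\\$")
DEFAULT_DRIVE = "C"


def parse_event(line):
    """Split one event line into op/proc/target; return None for malformed lines."""
    parts = line.rstrip("\n").split("|", 2)
    if len(parts) != 3:
        return None
    op, proc, target = parts
    return {"op": op.strip().lower(), "proc": proc.strip(), "target": target}


def classify_events(lines):
    """Return {signature_name: [evidence, ...]} for the behaviours seen in the trace.

    Events are processed in order, so a file must be written before a later
    procstart/loadlib on the same path counts as executing or loading a dropped file.
    """
    hits = {}
    dropped = set()  # lower-cased paths written by any process so far

    def add(sig, evidence):
        hits.setdefault(sig, []).append(evidence)

    for line in lines:
        ev = parse_event(line)
        if ev is None:
            continue  # skip malformed lines rather than abort the whole trace
        op, target = ev["op"], ev["target"]
        key = target.lower()
        if op == "filewrite":
            dropped.add(key)
        elif op == "regquery" and key.endswith(GEO_VALUE_SUFFIX):
            add("Checks computer location settings", target)
        elif op == "fileopen":
            m = DRIVE_ROOT.match(target)
            if m and m.group(1).upper() != DEFAULT_DRIVE:
                add("Enumerates connected drives", target)
        elif op == "procstart" and key in dropped:
            add("Executes dropped EXE", target)
        elif op == "loadlib" and key in dropped:
            add("Loads dropped DLL", target)
    return hits


if __name__ == "__main__":
    for sig, evidence in classify_events(SAMPLE_EVENTS).items():
        print(f"{sig}: {', '.join(evidence)}")
```

Reads of `C:\` are deliberately ignored, matching the report's wording that only drives other than the default one count; a load of a system DLL that was never written by the trace is likewise not flagged.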
MITRE ATT&CK Matrix (ATT&CK v13)

Privilege Escalation
- Abuse Elevation Control Mechanism (T1548), 1: Bypass User Account Control (T1548.002), 1
- Event Triggered Execution (T1546), 1: Netsh Helper DLL (T1546.007), 1

Defense Evasion
- Abuse Elevation Control Mechanism (T1548), 1: Bypass User Account Control (T1548.002), 1
- Impair Defenses (T1562), 1: Disable or Modify Tools (T1562.001), 1
- Modify Registry (T1112), 1