General
- Target: uninstalltool_setup.exe
- Size: 5.7MB
- Sample: 240716-p1ep1swcmh
- MD5: 417161bef8a9990d7d99cd660042608d
- SHA1: 8b319c3ec6cff5a598f7ee3be643a1e13ac85a1b
- SHA256: 66b696e76af8e72272883e22e7f5e42e168195c2e42fddf6d9e4e59c8a003ee4
- SHA512: 3603a744fad93c6b0f48a9ab5795193b0c5c5e145fa80d5c5b0214efc62b39e80d3c83fe04b90b48aca2dd504c4b4f6cfa3f896f66cf76dc204e661ba36b0ae6
- SSDEEP: 98304:mkL6cnCk9EjDxlSQSk0StENJ6+t22o0LPfG8I2zCFqCmRY4z6FSQ8l5ocPCfEWa:Rt92xcQF7tETN22o6XGN2lRqcr5bWa
Static task: static1
Behavioral task: behavioral1
- Sample: uninstalltool_setup.exe
- Resource: win10v2004-20240709-en
Malware Config
Targets
- uninstalltool_setup.exe (5.7MB; same MD5, SHA1, SHA256, SHA512 and SSDEEP values as listed under General above)
Signatures
- Drops file in Drivers directory
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence check.
- Event Triggered Execution: Component Object Model Hijacking: adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
MITRE ATT&CK Enterprise v15
Persistence
- Event Triggered Execution (2)
  - Change Default File Association (1)
  - Component Object Model Hijacking (1)
Privilege Escalation
- Event Triggered Execution (2)
  - Change Default File Association (1)
  - Component Object Model Hijacking (1)