General
-
Target
5abe7248263171c21515c14e7b65fc69.bin
-
Size
21.8MB
-
Sample
240719-ddt1mszapq
-
MD5
39e66ebdb4b474a3eb67dd808e3f59ea
-
SHA1
bf5a522b2d3ae3a1ba5c2dcea09b628af85bf8a0
-
SHA256
40dea912cb4bd2ea35e661c67c699c8d55738b896689c5f8c383eaf8b5385881
-
SHA512
b02f1e5338e98211a1f6b263296049d736944005d5256a37a60a178c691ab3b0d4c3ea979d692cf047bc8ea400cf4393ec10d26907b3f7b60cea4dc774e5d3d8
-
SSDEEP
393216:JyH7Wy7uneiTvEIqIvNQAZLp21BzyMRFXtRoXfq6QG9/pcpIvZ2l3HHUgXnvrws+:8bWySnlNvN5ZLpMBzyMRjROq6pdpcpOn
Static task
static1
Behavioral task
behavioral1
Sample
498a536802c30c01c5c48ece981803a08352b7d4cc616619aaa95e2828cb157f.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
498a536802c30c01c5c48ece981803a08352b7d4cc616619aaa95e2828cb157f.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
498a536802c30c01c5c48ece981803a08352b7d4cc616619aaa95e2828cb157f.exe
-
Size
30.0MB
-
MD5
5abe7248263171c21515c14e7b65fc69
-
SHA1
d68718146f08f6b4ea40f0b088e9f59eaeb48599
-
SHA256
498a536802c30c01c5c48ece981803a08352b7d4cc616619aaa95e2828cb157f
-
SHA512
ffa5fa5cd3f286013f4d53b03415e77e0864bbd8d9999ed3e1a7358c1e3073738aa066fa271aa0f438c4206cc6c4e185f3a80ebe23f3a2523729921e9020a86f
-
SSDEEP
393216:R/pasHkZmyTtvkJJhddL1ugGFPO2bacIGxwRu8/aJHYjzZSOn3P7zZmHs5t3EyBh:xSABnVAEJJ1AtROo1YsM6Hmad+o
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1