General

  • Target

    filegrinder.exe

  • Size

    89KB

  • Sample

    240815-2jwcnaygjb

  • MD5

    b6889adc3e7ecc84b8cabfea95598ed8

  • SHA1

    9ac26ed5b965ee20ec40df1c20e43bc0f9f4f316

  • SHA256

    9fed18af21d83b7ccda3fa77a5689ab94e898bb32fe0958bb06ee4527ace4b12

  • SHA512

    f34129b2dbe057f3253379c9ec44d87a549fd03a02d77eff9a8a692a1593bb96912b5510779b2ae5fbe203750ac1cac51d5eaf54948769249da1598174559f1e

  • SSDEEP

    1536:J7f65g9OX2CLGAApICdOk/dYLAZXdlItBGTjeIOlnToIfjwjOu:dnlVICUkLrGGTINTBfjwV

Score
8/10

Targets

    • Target

      filegrinder.exe

    • Possible privilege escalation attempt

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies file permissions
