General
-
Target
Shift - Recipes_tv274.exe
-
Size
2.5MB
-
Sample
240816-q19qts1gpn
-
MD5
1d97281dcda538d182723659233b7b34
-
SHA1
ebdae63edd07b3931b7d63a1ac726c262c81241e
-
SHA256
ab9aa06a205112ad6a0c3c0be642b4481f86316a783dcae37dc2fe712815bc63
-
SHA512
784f8a4eddb9bfdaf2d65e2e65ba3f9e551182f92b4608d986614c977e7e5f098a0145c99aa8eac887527c0d3130def9d50ff1cf42fd00e1bf6057659e8a23f3
-
SSDEEP
49152:yBuZrEUPAga4ESbhFHe2FqMVeCG8lsLf2Vfx3hWL2dz96KmRxHtzdt:EkL5a7SlFHewVe78lCUcqXTmjHtzf
Static task
static1
Behavioral task
behavioral1
Sample
Shift - Recipes_tv274.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
Shift - Recipes_tv274.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
Shift - Recipes_tv274.exe
-
Score
8/10
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-