General
-
Target
Windows 7 IconPack By 2013Windows8.1.exe
-
Size
15.2MB
-
Sample
240816-qpk84awhpf
-
MD5
d54c644994f501358b6074a0ce2f331b
-
SHA1
863d56e70d675eab6e83909fb587ad9e802bcce2
-
SHA256
24a7869b1b222cc2eae561421b7f0c83048ca4c157d44718102a3e674a412e99
-
SHA512
404910ea4caad2d05d9a2292b62d46355d98fb9c9577c4fc5838c6507deb84aabde02ec6557fa36d25ce4829322ef8da315f2573268117da07490bee49f51d7a
-
SSDEEP
393216:sCBY2ekC/ialj+VaCVeNnCrPYFjvnfIlclildwvki/rsJwN1N:p7+iat+4CkNCEF7fIlldwPrsaTN
Behavioral task
behavioral1
Sample
Windows 7 IconPack By 2013Windows8.1.exe
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
Windows 7 IconPack By 2013Windows8.1.exe
Resource
win7-20240705-en
Behavioral task
behavioral3
Sample
Windows 7 IconPack By 2013Windows8.1.exe
Resource
win10-20240404-en
Behavioral task
behavioral4
Sample
Windows 7 IconPack By 2013Windows8.1.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
Windows 7 IconPack By 2013Windows8.1.exe
-
Size
15.2MB
-
MD5
d54c644994f501358b6074a0ce2f331b
-
SHA1
863d56e70d675eab6e83909fb587ad9e802bcce2
-
SHA256
24a7869b1b222cc2eae561421b7f0c83048ca4c157d44718102a3e674a412e99
-
SHA512
404910ea4caad2d05d9a2292b62d46355d98fb9c9577c4fc5838c6507deb84aabde02ec6557fa36d25ce4829322ef8da315f2573268117da07490bee49f51d7a
-
SSDEEP
393216:sCBY2ekC/ialj+VaCVeNnCrPYFjvnfIlclildwvki/rsJwN1N:p7+iat+4CkNCEF7fIlldwPrsaTN
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Hide Artifacts: Hidden Files and Directories
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
2Windows File and Directory Permissions Modification
1Hide Artifacts
2Hidden Files and Directories
2Indicator Removal
1File Deletion
1Modify Registry
2