General
-
Target
8f51f2ce93433514f87cdb4ed20b8560N.exe
-
Size
348KB
-
Sample
240819-cvvg3asfnm
-
MD5
8f51f2ce93433514f87cdb4ed20b8560
-
SHA1
f79ad4c224b9dbdf3809aedc7ec9d1bcccca228e
-
SHA256
54f49a6c62fc8ae5897c3f08c0ed3ad5eb231c5c6621a566aac12e05abea8b36
-
SHA512
198aedb95ff337da125568ad890d617a22b0fbe5ddd70008f4ec57503bf03b4c43719cd422a1966113cb9ec75a9ee1d7c2bf689c807b1ca079922596469fd1fc
-
SSDEEP
6144:ybpFMByWEhy9vBpHLnU+r/f79MzNtukvSodidiHlFE:y9y2hqbLnZr/5MJt5qZi/E
Malware Config
Targets
-
-
Target
8f51f2ce93433514f87cdb4ed20b8560N.exe
-
Size
348KB
-
MD5
8f51f2ce93433514f87cdb4ed20b8560
-
SHA1
f79ad4c224b9dbdf3809aedc7ec9d1bcccca228e
-
SHA256
54f49a6c62fc8ae5897c3f08c0ed3ad5eb231c5c6621a566aac12e05abea8b36
-
SHA512
198aedb95ff337da125568ad890d617a22b0fbe5ddd70008f4ec57503bf03b4c43719cd422a1966113cb9ec75a9ee1d7c2bf689c807b1ca079922596469fd1fc
-
SSDEEP
6144:ybpFMByWEhy9vBpHLnU+r/f79MzNtukvSodidiHlFE:y9y2hqbLnZr/5MJt5qZi/E
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
1