General
-
Target
3b79514bd6363e670f982a9f55daa070N.exe
-
Size
179KB
-
Sample
240825-f4xwbsxamd
-
MD5
3b79514bd6363e670f982a9f55daa070
-
SHA1
1dc003d4c75e13ff325dee8161e97011792141a4
-
SHA256
c46400e9c40c1a5e68fe2b148e716f09448ed0626072129db27e766192d33bb9
-
SHA512
27c1d44fa34bd252fdf548d5f43640ba7cfb32ff94efd514a6d2b7e18e0049dd5db102bbb37154c73cc87961f98bcdec23e1840a0e09e1f01fe5580f54110bc6
-
SSDEEP
3072:DXTTASJKf2n5AxE2NpxOa2XdU2QF4s5XgIDFyHb8kHofL/09rGB:DvASJKenie2xT2NU2OTFQb8Fb0IB
Malware Config
Targets
-
-
Target
3b79514bd6363e670f982a9f55daa070N.exe
-
Size
179KB
-
MD5
3b79514bd6363e670f982a9f55daa070
-
SHA1
1dc003d4c75e13ff325dee8161e97011792141a4
-
SHA256
c46400e9c40c1a5e68fe2b148e716f09448ed0626072129db27e766192d33bb9
-
SHA512
27c1d44fa34bd252fdf548d5f43640ba7cfb32ff94efd514a6d2b7e18e0049dd5db102bbb37154c73cc87961f98bcdec23e1840a0e09e1f01fe5580f54110bc6
-
SSDEEP
3072:DXTTASJKf2n5AxE2NpxOa2XdU2QF4s5XgIDFyHb8kHofL/09rGB:DvASJKenie2xT2NU2OTFQb8Fb0IB
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1