General
-
Target
.exe
-
Size
7.8MB
-
Sample
240826-styq4a1ckd
-
MD5
ddce1d8422132feb58ce06d08e4dd570
-
SHA1
4861bb5afca9bcf464f93fdbd31d5bcdb6af8344
-
SHA256
263e7ca7701fe761a6f8cf28bebb4690cff47812b7cbc1c3a301e99a4cb86bec
-
SHA512
ee5685523a427af864a3f7a49b5cdd7ee778fbf71fd51fd1a5d5d09afbb86c9a9ca953a4f716d04f0ad2a5408935b4cd2a15d21d8ba611e57f97828ae67d23dc
-
SSDEEP
196608:quBUad84j8rEW8ycQk50hYuwtpB797AxhBu7OTK:qgUK89lcQIruwtpBZoXK
Malware Config
Targets
-
-
Target
.exe
-
Size
7.8MB
-
MD5
ddce1d8422132feb58ce06d08e4dd570
-
SHA1
4861bb5afca9bcf464f93fdbd31d5bcdb6af8344
-
SHA256
263e7ca7701fe761a6f8cf28bebb4690cff47812b7cbc1c3a301e99a4cb86bec
-
SHA512
ee5685523a427af864a3f7a49b5cdd7ee778fbf71fd51fd1a5d5d09afbb86c9a9ca953a4f716d04f0ad2a5408935b4cd2a15d21d8ba611e57f97828ae67d23dc
-
SSDEEP
196608:quBUad84j8rEW8ycQk50hYuwtpB797AxhBu7OTK:qgUK89lcQIruwtpBZoXK
Score8/10-
Manipulates Digital Signatures
Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Enumerates processes with tasklist
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1Subvert Trust Controls
1SIP and Trust Provider Hijacking
1