General
-
Target
HousecallLauncher64.exe
-
Size
3.5MB
-
Sample
240907-2wbtsasekb
-
MD5
418e07b780152848328a5157f6ab9f1a
-
SHA1
0f9fc8d36792ddac8a4b5b121665206719e7aad2
-
SHA256
1837fc18d5b779a7b47bb9163a7c93c995a7c814c2b38cc16a0cf2419bf8d2d1
-
SHA512
fdac16d696fffecb955188d020baaef8ab0b8ae41f418cfba2f90a7a0d0cfc8a56e1ec0941b20e3bd3f9f1defe66d93e2b327eb9b746a8e7ef705178e52682fc
-
SSDEEP
49152:8gJfAqJHqm4ekAKxJpmssTBSg1L0xQsUAinAqriB19QwP5Sd4B24uQ2Mss/pDsAu:8gCmZHJoWJ2oAqWBvQTETRWL
Static task
static1
Behavioral task
behavioral1
Sample
HousecallLauncher64.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
HousecallLauncher64.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
HousecallLauncher64.exe
-
Size
3.5MB
-
MD5
418e07b780152848328a5157f6ab9f1a
-
SHA1
0f9fc8d36792ddac8a4b5b121665206719e7aad2
-
SHA256
1837fc18d5b779a7b47bb9163a7c93c995a7c814c2b38cc16a0cf2419bf8d2d1
-
SHA512
fdac16d696fffecb955188d020baaef8ab0b8ae41f418cfba2f90a7a0d0cfc8a56e1ec0941b20e3bd3f9f1defe66d93e2b327eb9b746a8e7ef705178e52682fc
-
SSDEEP
49152:8gJfAqJHqm4ekAKxJpmssTBSg1L0xQsUAinAqriB19QwP5Sd4B24uQ2Mss/pDsAu:8gCmZHJoWJ2oAqWBvQTETRWL
Score9/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Drops file in Drivers directory
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Defense Evasion
Modify Registry
2Subvert Trust Controls
1Install Root Certificate
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1