3ea0608113934c68eea2e45a9c1e192c1a48910df7b8166c42228f3699c7f26d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HWID Spoofer.exe
Size

1.9MB
Sample

240929-y65casyeqp
MD5

12633557535f7a4976b0fff3ffda9dd5
SHA1

2872586c29f103c97c4dcef1c677982c14ccee02
SHA256

3ea0608113934c68eea2e45a9c1e192c1a48910df7b8166c42228f3699c7f26d
SHA512

b519e96b4ab4a7e1fb636cdccd4b102f6568acc156bb30083928de849dce41e6b3b6681225462a907594ba15be0b9ab178cb82058bcce8774c0ba69b1a0206c8
SSDEEP

24576:KB0cfsgWazyggdD7IEJOAQIczMTMNNd+g5Wk78GBBjgrIQtD9+FutZbJcMFumJI1:Ba8ggdwEJJS4jgxBBjHQtDA8w

Score

7^/10

Malware Config

Targets

- Target
  
  HWID Spoofer.exe
- Size
  
  1.9MB
- MD5
  
  12633557535f7a4976b0fff3ffda9dd5
- SHA1
  
  2872586c29f103c97c4dcef1c677982c14ccee02
- SHA256
  
  3ea0608113934c68eea2e45a9c1e192c1a48910df7b8166c42228f3699c7f26d
- SHA512
  
  b519e96b4ab4a7e1fb636cdccd4b102f6568acc156bb30083928de849dce41e6b3b6681225462a907594ba15be0b9ab178cb82058bcce8774c0ba69b1a0206c8
- SSDEEP
  
  24576:KB0cfsgWazyggdD7IEJOAQIczMTMNNd+g5Wk78GBBjgrIQtD9+FutZbJcMFumJI1:Ba8ggdwEJJS4jgxBBjHQtDA8w
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2