General
-
Target
GAOMONTabletInstall_16.1.0.111.exe
-
Size
49.5MB
-
Sample
241003-bdzj1swdnj
-
MD5
0d480144a0c8ebb96304e2c95dad03bc
-
SHA1
cc55fb3b096266cf067a37b122757093f9aed5cd
-
SHA256
f69f9449e05536500c3b61499a24681193e567a7f5b8fd04359f185d0dbe1f37
-
SHA512
a6b10f118e5de032c5cedba7c92defed33c59fb25902af9065044b7007e6c1849441c7e5fe45b8b72362642aa903481a63d2444b9ff434a4ed4663596ef44c1b
-
SSDEEP
1572864:Rn8V5vEOT3wn2PibPd5QabnN1wb8qefY89nSv:CPEMjevHzjlSv
Malware Config
Targets
-
-
Target
GAOMONTabletInstall_16.1.0.111.exe
-
Size
49.5MB
-
MD5
0d480144a0c8ebb96304e2c95dad03bc
-
SHA1
cc55fb3b096266cf067a37b122757093f9aed5cd
-
SHA256
f69f9449e05536500c3b61499a24681193e567a7f5b8fd04359f185d0dbe1f37
-
SHA512
a6b10f118e5de032c5cedba7c92defed33c59fb25902af9065044b7007e6c1849441c7e5fe45b8b72362642aa903481a63d2444b9ff434a4ed4663596ef44c1b
-
SSDEEP
1572864:Rn8V5vEOT3wn2PibPd5QabnN1wb8qefY89nSv:CPEMjevHzjlSv
Score8/10-
Drops file in Drivers directory
-
Adds Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Modify Registry
2Subvert Trust Controls
1Install Root Certificate
1