General
Target: UndericalLoaders.exe
Size: 1.5MB
Sample: 241005-xtjpdszclr
MD5: fc9b7cd18124db61b71db9efd0adba5a
SHA1: f9246c86e20434217a7212c967609708089a909c
SHA256: 8e6aa5798b441a19a3a26f350bdd0953e936ec0252ada8a5c6298b3ad3da11a6
SHA512: bcf6685383068a7f7907f9ad7745f86e053972c37860ef17e6ca7e92c271e154a329463455059e0964ff0c907d60b9a36a51ee1917bfc7ade2d57f61a3ddfcff
SSDEEP: 24576:xPx7RNF5lddDnwjIxfqkC6RbkClc1STFZqZx9HhOEHQ1jhVmdyCl:xPxlNF5ldxYgqQRblbTfqZNpw1jhVmdJ
Static task: static1
Behavioral task: behavioral1
Sample: UndericalLoaders.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: UndericalLoaders.exe
Size: 1.5MB
(MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
Score: 8/10
Signatures
- Downloads MZ/PE file
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
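The signatures above describe registry behaviour without naming the keys involved. The following is an added example, not part of the sandbox report and not code from the sample: it maps each listed behaviour to the usual Windows registry location (the key paths are assumptions based on standard Windows layout, not taken from this report), classifies a constructed API trace against those rules, and checks a file's digests against the hashes published on this page so an analyst can confirm they are looking at the same sample. Note that it distinguishes writing a Run value (persistence) from merely reading the Run key, which benign software does routinely.

```python
import hashlib
import re

# Digests published on this report page for UndericalLoaders.exe.
SAMPLE_HASHES = {
    "md5": "fc9b7cd18124db61b71db9efd0adba5a",
    "sha1": "f9246c86e20434217a7212c967609708089a909c",
    "sha256": "8e6aa5798b441a19a3a26f350bdd0953e936ec0252ada8a5c6298b3ad3da11a6",
    "sha512": "bcf6685383068a7f7907f9ad7745f86e053972c37860ef17e6ca7e92c271e154"
              "a329463455059e0964ff0c907d60b9a36a51ee1917bfc7ade2d57f61a3ddfcff",
}


def hash_mismatches(data):
    """Return the names of the published digests that `data` does NOT match.
    An empty list means every digest agrees and this is the reported sample."""
    return [name for name, expected in SAMPLE_HASHES.items()
            if hashlib.new(name, data).hexdigest() != expected]


# (signature name from the report, registry APIs that realise it, key-path regex).
# Key locations are assumptions about standard Windows layout, not from the page.
RULES = [
    ("Checks computer location settings",
     {"RegQueryValueExW", "RegQueryValueExA", "RegGetValueW", "RegGetValueA"},
     r"\\Control Panel\\International\\Geo\\"),
    ("Checks installed software on the system",
     {"RegEnumKeyExW", "RegEnumKeyExA", "RegOpenKeyExW", "RegOpenKeyExA"},
     r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall"),
    # Only a *write* to Run/RunOnce is persistence; reads are routine.
    ("Adds Run key to start application",
     {"RegSetValueExW", "RegSetValueExA"},
     r"\\CurrentVersion\\Run(Once)?(\\|$)"),
    # ATT&CK "Install Root Certificate": a cert blob written under the Root store.
    ("Install Root Certificate",
     {"RegSetValueExW", "RegSetValueExA"},
     r"\\SystemCertificates\\Root\\Certificates\\"),
]

# Constructed API trace (pid, API, key path) standing in for a sandbox log.
TRACE = [
    (4212, "RegQueryValueExW", r"HKCU\Control Panel\International\Geo\Nation"),
    (4212, "RegEnumKeyExW", r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
    (4212, "RegQueryValueExW", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\OneDrive"),
    (4212, "RegSetValueExW", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\UndericalLoaders"),
    (4212, "RegSetValueExW", r"HKLM\SOFTWARE\Microsoft\SystemCertificates\Root\Certificates\0123456789ABCDEF0123456789ABCDEF01234567\Blob"),
    (4212, "RegQueryValueExW", r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName"),
]


def classify(trace):
    """Map every trace entry to the report signatures it triggers.
    Returns {signature_name: [(pid, api, path), ...]}; unmatched entries are ignored."""
    hits = {}
    for pid, api, path in trace:
        for name, apis, pattern in RULES:
            if api in apis and re.search(pattern, path, re.IGNORECASE):
                hits.setdefault(name, []).append((pid, api, path))
    return hits


def triggered_signatures(trace):
    """Sorted list of signature names seen in the trace."""
    return sorted(classify(trace))


if __name__ == "__main__":
    for name, entries in classify(TRACE).items():
        print(name)
        for pid, api, path in entries:
            print(f"  pid={pid} {api} {path}")
    print("hash mismatches for empty input:", hash_mismatches(b""))
```

The read of the Run key for OneDrive and the ProductName lookup produce no hits, while the Geo\Nation read, the Uninstall enumeration, the Run value write and the Root-store write each map to one signature. Real sandbox traces carry more fields (value data, return codes, call stacks); the rule shape is the same.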
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
Defense Evasion
- Modify Registry (2)
- Subvert Trust Controls (1)
  - Install Root Certificate (1)