General
-
Target
8c276db9d256a4ec6df10a663fa13ad291832b41fdf915aec25bc4fb31174520.exe
-
Size
2.0MB
-
Sample
241007-b29pwsxgpk
-
MD5
0fd258899fb1afe14d8bd10503263901
-
SHA1
a74e78231d749099ed97a3990fa956b8ccbcbcfd
-
SHA256
8c276db9d256a4ec6df10a663fa13ad291832b41fdf915aec25bc4fb31174520
-
SHA512
0d263abf7a29554b570633f17b7172531e343448c2b5969a00d81b04fd758250ba9398427c59d6e2270db6c19563e4eb6e648f946e6eb131ea43b6fb89349916
-
SSDEEP
49152:epQUjibrS75idST2/sBqEHw9lwsbpt23LObtPg4AZY0j5s5mZTiC+xccccccEww3:Dc3wrNIRZKccccccEwwww
Static task
static1
Behavioral task
behavioral1
Sample
8c276db9d256a4ec6df10a663fa13ad291832b41fdf915aec25bc4fb31174520.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
8c276db9d256a4ec6df10a663fa13ad291832b41fdf915aec25bc4fb31174520.exe
-
Size
2.0MB
-
MD5
0fd258899fb1afe14d8bd10503263901
-
SHA1
a74e78231d749099ed97a3990fa956b8ccbcbcfd
-
SHA256
8c276db9d256a4ec6df10a663fa13ad291832b41fdf915aec25bc4fb31174520
-
SHA512
0d263abf7a29554b570633f17b7172531e343448c2b5969a00d81b04fd758250ba9398427c59d6e2270db6c19563e4eb6e648f946e6eb131ea43b6fb89349916
-
SSDEEP
49152:epQUjibrS75idST2/sBqEHw9lwsbpt23LObtPg4AZY0j5s5mZTiC+xccccccEww3:Dc3wrNIRZKccccccEwwww
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1