General
-
Target
6c65a1b2ce7e1f4d7d75b017804a54cb948f2b177c4abd195708d7f1e768d46bN
-
Size
386KB
-
Sample
241012-z3bq9a1gna
-
MD5
9199af836bcfe0be6ebe562b6640ca70
-
SHA1
b55a9c23e54e9849892fcc6e4ad656cf4c9a6da5
-
SHA256
6c65a1b2ce7e1f4d7d75b017804a54cb948f2b177c4abd195708d7f1e768d46b
-
SHA512
9e7a2e7aea7b23519991606fef48dc8f5552cbaed68339099957bdf6376768a85638db363af3a2682022f98617f72b9d2de3b2f7db447a4dc2a9b8a02fd77f10
-
SSDEEP
6144:Yzt8SadHTzjFRVDoyQEVB/u+oSgUfFmPGLU:1SuzzjFrDoyQEVBjoSg+GGLU
Malware Config
Targets
-
-
Target
6c65a1b2ce7e1f4d7d75b017804a54cb948f2b177c4abd195708d7f1e768d46bN
-
Size
386KB
-
MD5
9199af836bcfe0be6ebe562b6640ca70
-
SHA1
b55a9c23e54e9849892fcc6e4ad656cf4c9a6da5
-
SHA256
6c65a1b2ce7e1f4d7d75b017804a54cb948f2b177c4abd195708d7f1e768d46b
-
SHA512
9e7a2e7aea7b23519991606fef48dc8f5552cbaed68339099957bdf6376768a85638db363af3a2682022f98617f72b9d2de3b2f7db447a4dc2a9b8a02fd77f10
-
SSDEEP
6144:Yzt8SadHTzjFRVDoyQEVB/u+oSgUfFmPGLU:1SuzzjFrDoyQEVBjoSg+GGLU
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Suspicious use of SetThreadContext
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1