General
-
Target
Mentor-Tanner-Tools-2019-Free-479524.html
-
Size
31KB
-
Sample
241023-s7lzfszfjj
-
MD5
66beafd8a01b95b56969ad330ff5c9aa
-
SHA1
ef5b3ce2bc1fcc9909f071a796bee5f862a69172
-
SHA256
50c3e40c19a5a61cffd885b590d961bc8be69412c772ddbb14d6bd3328281949
-
SHA512
375b5829d8d8d4c69f8582e7e4bb9a9baaef810a771c214971d00adfd52d838c5ea9c1f251ef13b43c5bc141022765aaa590822e9ef3e19ee9180a30d26e274a
-
SSDEEP
384:+kSuhDEnNWjLcc2ue9yHUqDDUTbV6dqReyjTDXTKeaDQmGEFl8R07bZ+hNQud7yB:SD+a15RMiKte/Oig/Z2EZ
Static task
static1
Behavioral task
behavioral1
Sample
Mentor-Tanner-Tools-2019-Free-479524.html
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
Mentor-Tanner-Tools-2019-Free-479524.html
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
Mentor-Tanner-Tools-2019-Free-479524.html
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
File and Directory Permissions Modification (1)
Indicator Removal (1)
File Deletion (1)
Modify Registry (2)