General
Target: RTC_Launcher.exe
Size: 1.3MB
Sample: 241031-bhjpcswcrn
MD5: c8ffb248834afeabbcf835aa2bae314b
SHA1: b79a409f7f65109f416b97047c60e14eac36774f
SHA256: 77625aec027ad9fa8ac5f01d8e98c27c3a1258dad1877b12208c4408dee441aa
SHA512: e39f394804b25a604277df7f64e7d381a19049f8bbcabc7eddac220534dd505595bea39ccdc14d4499a150943256fbec928874a0ac77772b72dc731f21dfc544
SSDEEP: 24576:Bws9Pv8BGzuzkYTixI0INcOYUNfw+Jwz/S/6Z:BdVv8BGzKzUeGOYMw+W7SC
Static task: static1
Behavioral task: behavioral1
Sample: RTC_Launcher.exe
Resource: win10ltsc2021-20241023-en
Malware Config
Targets
Score: 8/10
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-