Resubmissions

07-11-2024 12:50

241107-p3ah3ssfmk 10

07-11-2024 12:47

241107-p1fmbavmfj 8

General

  • Target

    =XUTF-8XQXyeni_sipari=C5=9F=2Er00X=

  • Size

    558KB

  • Sample

    241107-p1fmbavmfj

  • MD5

    027b03cee16500f3c919be5bdbbb23be

  • SHA1

    3e463e6f6675bb13a231706136927ea861299205

  • SHA256

    7e1381c64bd9b22722685486aede77240202f163ff0264196da0940d1554bc93

  • SHA512

    a6e5ce4d677bd58c6d0adca3269077866388a216a5020c0371224af67153da0eff6b98ba4f0235d4f5d728c159332898cb2b49c656d333aa18b79b2e52042de9

  • SSDEEP

    12288:itvk9x/nnGkcyk8RHPj+/CqqCoq1WWQBV5bK9GeiWT4/D6zENA:ykfGkvL+/CqqCoq1RQocPWTeD5NA

Score
8/10

Targets

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
