General
-
Target
f7110b1def06d7380d583ef5902076e986cc1688a1c1f21a5fe8f0576b3a9e4c
-
Size
4.5MB
-
Sample
241109-alzpbatamq
-
MD5
bc34bbf9bbc22725248229de6a153cba
-
SHA1
764226da9f3fb07c0c78124b7407765a5497d038
-
SHA256
f7110b1def06d7380d583ef5902076e986cc1688a1c1f21a5fe8f0576b3a9e4c
-
SHA512
513ce9e9773f55b4c1b34dc4978d3f38dffcef86ac0e078fcb65ae1057a9d225a0a07d66d6e2b041814836a853d9a417bf33ce4b24aecacc280af8333398b47e
-
SSDEEP
98304:s7RLVCLAzNkR7ff7Nu728XAmVsWGrGKB7z1E5P+KxM/UGscfJdW9L:kRCUgFA2xivLKB7z1E52Kask8L
Static task
static1
Behavioral task
behavioral1
Sample
client.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
client.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
client.bin
-
Size
4.7MB
-
MD5
30cbe96960eaf1c4eee427b5014db6c9
-
SHA1
322f4cf4a94c5d63d9f23dad150e35e4337f5a64
-
SHA256
7f943d80aa07781b55d73dfae0da2f256451ad8d887b9b45971348f18adcf54d
-
SHA512
c76c38b85d39f16c7d7b74957cca76e18466c49f25623d1f1427bc197d2a5da01f8829cbd9bbd15563e3e81ba64758ba161607bfc72d84990d6153b25d978ec0
-
SSDEEP
98304:lySJwKh550KM2nFn92DyghSGDiMM0+URlrea8aiXqy2SCf:lFRs2nFs3ie+Sdea8Cf
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Modify Registry (2)
Subvert Trust Controls (1)
Install Root Certificate (1)
Credential Access
Credentials from Password Stores (1)
Credentials from Web Browsers (1)
Unsecured Credentials (1)
Credentials In Files (1)