General
-
Target
0a9329fbf90bbcb44276d8e08cefd33bc4ab16bd7e681663217ebe38ed795148
-
Size
2.7MB
-
Sample
241109-x7p4bstkgp
-
MD5
efda3c186b99f0606567011775423388
-
SHA1
1d71401b169f730d48f1b387ab65c5d551a9c0c0
-
SHA256
0a9329fbf90bbcb44276d8e08cefd33bc4ab16bd7e681663217ebe38ed795148
-
SHA512
f02b5f73acab63e747118819befb074d5c30afdb8fd37cd286f10b32e9cca6ab1611698878f6303b669e65d3ad26aaa6d9bba6373238a4784752592dfe68380f
-
SSDEEP
49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBu9w4Sx:+R0pI/IQlUoMPdmpSp84
Static task
static1
Behavioral task
behavioral1
Sample
0a9329fbf90bbcb44276d8e08cefd33bc4ab16bd7e681663217ebe38ed795148.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0a9329fbf90bbcb44276d8e08cefd33bc4ab16bd7e681663217ebe38ed795148.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Credential Access
  Credentials from Password Stores: 1
    Credentials from Web Browsers: 1
  Unsecured Credentials: 1
    Credentials In Files: 1