General
-
Target
80510dceef8a38808222db095a7843efafabe03e8fe16bc00d80dbfc072a5bc0.exe.vir
-
Size
105.8MB
-
Sample
241110-m6rwesymap
-
MD5
6c7dd0c022553b4a6bda94078228955d
-
SHA1
5648d6485eefe4829d81121505871189187ded55
-
SHA256
80510dceef8a38808222db095a7843efafabe03e8fe16bc00d80dbfc072a5bc0
-
SHA512
7e11a67df70218f525ae03d7ea0fe4959b015793122181674d3f36f7db902e7aa3b7ef0c124bcbc3c641a31d821b6ce9daa16efbb316925883de37fa25c375aa
-
SSDEEP
3145728:mWfWfWfWfWq/////Sb0VHMH5r5Qcnxu+AY0:mWfWfWfWfWzzr5HE+AY0
Static task
static1
Behavioral task
behavioral1
Sample
80510dceef8a38808222db095a7843efafabe03e8fe16bc00d80dbfc072a5bc0.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
80510dceef8a38808222db095a7843efafabe03e8fe16bc00d80dbfc072a5bc0.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
80510dceef8a38808222db095a7843efafabe03e8fe16bc00d80dbfc072a5bc0.exe.vir
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism
    Bypass User Account Control
  Event Triggered Execution
    Netsh Helper DLL
Defense Evasion
  Abuse Elevation Control Mechanism
    Bypass User Account Control
  Impair Defenses
    Disable or Modify Tools
  Modify Registry