General

  • Target

    48b267680b3d662653876d7c2d32362d1ea232ea94742097de95292f17d12d10N.exe

  • Size

    161KB

  • Sample

    241111-m8j9csxqbz

  • MD5

    f5a05a180aa2081768b28f9e8710699b

  • SHA1

    553ab941712645cbd2f0eb199b29987fa7a2a414

  • SHA256

    115ab2dde45d1056a370f4d3a3ca07bb72c53e0c73f0f9c0d118cd4de3f8f49b

  • SHA512

    ba0ed3b12e7866ad5c22cc3066433c61d02df9b13117404ebdd37e4cd2d99bc74136b2627ed165cef28c9b8702fd1dbaca672edfbbe6b1ea085dba288a22f661

  • SSDEEP

    3072:i5SVkkgUWib1UC7AdYzrV+Dljy/32ubwZZqJb:pUquCkdYzrVolu/J0ZZe

Malware Config

Targets


    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks