General

  • Target

    b1f97474f575a3c112a4f915ac55caf706b851e009cee983e20251630e954492N

  • Size

    995KB

  • Sample

    241111-m8mdqasjgl

  • MD5

    050ba92e06fc1cb8bc6828e84cc07cb0

  • SHA1

    3d75f7fa4b71fee7a31e0f4a33a307e0408db8f1

  • SHA256

    b1f97474f575a3c112a4f915ac55caf706b851e009cee983e20251630e954492

  • SHA512

    a0b1fe6b69bc07cebd0b2d2228fbeb561f6f7b56921989a8d7451e41798ac54831d7a40948d3dbf1f436928985056cc2e6ac63002f1d824d824a3746fc14f60b

  • SSDEEP

    24576:BHKw7AWVVGEhLTgfpeqOtl9HVqJ/VVSaD2wsXKqny8:hFP0vi7qVPr

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks