General

  • Target

    4b0f98022fefdc4da50914dd1a833af5b6d6c327ed886853a5e20c13ae13fd9f.exe

  • Size

    88KB

  • Sample

    241111-pknmzsyhjq

  • MD5

    7e913d2f80ffcb847fd454ed5d9d6573

  • SHA1

    366cb28ec09e6354992c97691eca0b6c63121660

  • SHA256

    4b0f98022fefdc4da50914dd1a833af5b6d6c327ed886853a5e20c13ae13fd9f

  • SHA512

    464bfeeca5ec768c7b73cd69216c26bf773cb18f2566c144d8d767cf1b6bf3626a684bff2330f214eb0616360566f606c9afb4a4f8cec2b0546ae7421a4f8541

  • SSDEEP

    768:aQNIscPXcOAKrm//4SE6rdcIz0M6mc39vAqBbXml/X4B0blMTIWo90UvIC2TVGpG:aCILvs9NctvAqlWpoBjpUv72TDFP3

Targets

    • Target

      4b0f98022fefdc4da50914dd1a833af5b6d6c327ed886853a5e20c13ae13fd9f.exe

    • Checks computer location settings

      Reads the country code configured in the registry, most likely to geofence execution (the sample can refuse to run, or behave differently, in excluded regions).

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

      Setting another thread's context is a common step in process hollowing and related code-injection techniques; check which process the dropped executable ends up running in.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build. Unpack before static analysis; if a modified UPX defeats `upx -d`, dump the unpacked image from memory instead.
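The following is an added example, not code from the report or the sandbox: a small static-triage script that recomputes the hashes listed above for a sample and reproduces the kind of check behind the "UPX packed file" signature by parsing the PE section table directly. The UPX section names it looks for (UPX0, UPX1, UPX2) and the `UPX!` marker are assumptions based on stock UPX output; a modified UPX build may rename them, so a negative result is not proof the file is unpacked. `build_test_pe` builds a constructed minimal PE image so the example runs offline; it is not the sample from this report.

```python
# Added example (not part of the sandbox report): static triage of a PE sample.
# Recomputes the report's digests and flags UPX packing from the section table,
# using only the standard library (no pefile dependency).
import hashlib
import struct
import sys

# Assumption: section names written by stock UPX builds. Modified UPX may rename them.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}
UPX_MARKER = b"UPX!"  # assumption: packer header magic left in stock UPX output


def hash_bytes(data: bytes) -> dict:
    """Return the digest set shown in the report header for raw file bytes."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def pe_section_names(data: bytes) -> list:
    """Parse the PE section table and return section names without NUL padding.
    Raises ValueError for anything that is not a well-formed PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # IMAGE_FILE_HEADER (20 bytes) follows the 4-byte signature:
    # Machine(2) NumberOfSections(2) TimeDateStamp(4) PointerToSymbolTable(4)
    # NumberOfSymbols(4) SizeOfOptionalHeader(2) Characteristics(2)
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    opt_hdr_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + opt_hdr_size
    names = []
    for i in range(num_sections):
        off = table + i * 40  # IMAGE_SECTION_HEADER is 40 bytes; Name is the first 8
        if off + 40 > len(data):
            raise ValueError("section table truncated")
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """True if a section carries a stock UPX name or the UPX! marker is present.
    A False result does not prove the file is unpacked (modified UPX, other packers)."""
    try:
        names = pe_section_names(data)
    except ValueError:
        return False
    return bool(UPX_SECTION_NAMES & set(names)) or UPX_MARKER in data


def triage(data: bytes) -> dict:
    """Combine the checks into the fields a triage note would carry."""
    try:
        sections = [n.decode("ascii", "replace") for n in pe_section_names(data)]
    except ValueError as exc:
        sections = [f"<not a PE: {exc}>"]
    return {"size": len(data), **hash_bytes(data),
            "sections": sections, "upx_packed": looks_upx_packed(data)}


def build_test_pe(section_names) -> bytes:
    """Constructed minimal PE32 image (DOS stub, NT headers, section table only),
    used so the example runs offline. Not the sample from the report."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew: NT headers right after DOS header
    opt_hdr_size = 0xE0  # PE32 optional header size; contents left zeroed
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_hdr_size, 0)
    sections = b"".join(n.ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt_hdr_size) + sections


if __name__ == "__main__":
    # Usage: python triage_pe.py <sample.exe>; compare the digests with the report header.
    with open(sys.argv[1], "rb") as fh:
        for key, value in triage(fh.read()).items():
            print(f"{key}: {value}")
```

Comparing the printed SHA256 with the one in the report header confirms you are looking at the same file before spending time on it; the section names tell you whether `upx -d` is worth trying first.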

MITRE ATT&CK Enterprise v15
