General
-
Target
5aedf5b0bdf3461015ea53e931e3726d27d55a918ade527f17dafccac3e28149
-
Size
5.7MB
-
Sample
241112-2dywlawkdm
-
MD5
301b9f7d25e1dbe5a1133ec81f08ba43
-
SHA1
3c3937a1b48bde8511d766a8e9da8dc32bfbb650
-
SHA256
5aedf5b0bdf3461015ea53e931e3726d27d55a918ade527f17dafccac3e28149
-
SHA512
53240d157f2559e3ead2a417384de8de17c794f999140d2aa3fd1e89bde66aa7d4d4ec7b9dccd9ff43e80ae4b5e0c66942ddc3eaec2d36f7342b09aef444900c
-
SSDEEP
98304:OKWkkjaHjTo82Pb0c0NZrq9BRVvUdowc9cDbuHn54Ls:bWfszNpiRVxK654A
Static task
static1
Behavioral task
behavioral1
Sample
5aedf5b0bdf3461015ea53e931e3726d27d55a918ade527f17dafccac3e28149.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
5aedf5b0bdf3461015ea53e931e3726d27d55a918ade527f17dafccac3e28149.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
5aedf5b0bdf3461015ea53e931e3726d27d55a918ade527f17dafccac3e28149
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Adds Run key to start application
-
Indicator Removal: Clear Persistence
Clears artifacts associated with previously established persistence, such as scheduled tasks, on a host.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Scheduled Task (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Scheduled Task/Job (1)
Scheduled Task (1)