General

  • Target

    8f828e682978c5f772dee9445ceb3640ddb9818507235778c548a304f41cec6eN.exe

  • Size

    2.4MB

  • Sample

    241112-q5pw8atgjc

  • MD5

    576462fd75fddc9b09031ec1a488e260

  • SHA1

    8d2ee60685accae9a3f96ae4a54ab4704454bdf4

  • SHA256

    8f828e682978c5f772dee9445ceb3640ddb9818507235778c548a304f41cec6e

  • SHA512

    bd51ac7a5a4919a56b7b69695a1facc038e5e631e6cf991e65fa8afa16dac78ed3681676553c330ed9081d1f291f5a29eb513944dadcf24df20f386eca2a6000

  • SSDEEP

    49152:5Ko2gzhGqxIaWeSkKkAQOQ1y7GklXRYxxTttMs+xyPFRwGJnunLp9u0XsA5cl+60:I+zhGqx3WeSkKkAQOQ1y7PlXRYxxTtt+

Targets

    • Modifies firewall policy service

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15