General

  • Target

    e33a18b94257eb8d873858de02619a70c697c2ccfd8b98558d3b48a7a6874dc3.exe

  • Size

    88KB

  • Sample

    241112-rgyd5avaje

  • MD5

    90d50b75294418d1771bcb4e50700996

  • SHA1

    d0eaf4a52fe497966adeca2a02cef5decdc9c8a6

  • SHA256

    e33a18b94257eb8d873858de02619a70c697c2ccfd8b98558d3b48a7a6874dc3

  • SHA512

    a029d156445fd56222cd31fa002207bcce59fdb78e8ff9002c7fdf49a6284f2426f561739aaa3dd7cad6bb5d8625bd8379b78929632d7a16a6dbc3cd433c03c0

  • SSDEEP

    1536:ahUDofByDJWbMGcEFLPEPKOJUsy1+VMAO:aIofBHbKMP0PvMAO

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15