General

  • Target

    821c11958e5d4d2bdca175bcd6c57569a34e71118a0edfb82643f30836ad8953.exe

  • Size

    88KB

  • Sample

    241113-j62tvayblc

  • MD5

    6cc4947325036528b2c70e7d1325bad5

  • SHA1

    a58de6c3c0e328ec35cc339d5754faf253881fc6

  • SHA256

    821c11958e5d4d2bdca175bcd6c57569a34e71118a0edfb82643f30836ad8953

  • SHA512

    78976af0ed4e5914efd53a47024357fd4706ddd0bedea6a3220b4fd0357901b643cb5bed6d5331ded7dd57cb355365eaf856632ec9b234df87c31f0d424c4e66

  • SSDEEP

    768:aQNIscPXcOAKrm//4SE6rdcIz0M6mc39vAqBbXml/X4B0blMTIWo90UvIC2TVGpy:aCILvs9NctvAqlWpoBjpUv72TDFPd

Targets

    • Target

      821c11958e5d4d2bdca175bcd6c57569a34e71118a0edfb82643f30836ad8953.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15