General
Target: 821c11958e5d4d2bdca175bcd6c57569a34e71118a0edfb82643f30836ad8953.exe
Size: 88KB
Sample: 241113-j62tvayblc
MD5: 6cc4947325036528b2c70e7d1325bad5
SHA1: a58de6c3c0e328ec35cc339d5754faf253881fc6
SHA256: 821c11958e5d4d2bdca175bcd6c57569a34e71118a0edfb82643f30836ad8953
SHA512: 78976af0ed4e5914efd53a47024357fd4706ddd0bedea6a3220b4fd0357901b643cb5bed6d5331ded7dd57cb355365eaf856632ec9b234df87c31f0d424c4e66
SSDEEP: 768:aQNIscPXcOAKrm//4SE6rdcIz0M6mc39vAqBbXml/X4B0blMTIWo90UvIC2TVGpy:aCILvs9NctvAqlWpoBjpUv72TDFPd
Static task: static1
Behavioral task: behavioral1
  Sample: 821c11958e5d4d2bdca175bcd6c57569a34e71118a0edfb82643f30836ad8953.exe
  Resource: win7-20241010-en
Behavioral task: behavioral2
  Sample: 821c11958e5d4d2bdca175bcd6c57569a34e71118a0edfb82643f30836ad8953.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 821c11958e5d4d2bdca175bcd6c57569a34e71118a0edfb82643f30836ad8953.exe
Size: 88KB
Score: 7/10
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
Defense Evasion
- Modify Registry (2)
- Subvert Trust Controls (1)
  - Install Root Certificate (1)