General
-
Target
audiorelay-0.27.5.exe
-
Size
68.2MB
-
Sample
241113-tqhq5svgqk
-
MD5
30d70f502763c9679fec9f89be8297c6
-
SHA1
55d747af7b070a0635a4437b903440e4f6437511
-
SHA256
ef4b2398d492a12ee25d25917b725294523b97bb6e532bed1a3e5ff020d6368f
-
SHA512
982d76cdb13259b130530be2777616cfb2e33080bf82cb576fa7fed6a90e5a118cb88f4204a1187b52033f80b3d1a12b1cb64e1d6b2822b513217aed3957f471
-
SSDEEP
1572864:pV2NqQ8RnncnCqywbmHAOs9CJxjmsrkHlmPPloE/4g1:pV2sQ8KEPgh9uvr8mPuE/
Static task
static1
Behavioral task
behavioral1
Sample
audiorelay-0.27.5.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
audiorelay-0.27.5.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
audiorelay-0.27.5.exe
Drops file in Drivers directory
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1