General
-
Target
c7e3f4066bbe690721c689ac5ba20c501cc6c4044cca40e1839834570d8dc0c8
-
Size
7.9MB
-
Sample
241113-zlbpxsyfnh
-
MD5
a2f20dd78d65d42ccf1c39d429e3952b
-
SHA1
8587417f64458fd5e85d402606af74462e3afae2
-
SHA256
c7e3f4066bbe690721c689ac5ba20c501cc6c4044cca40e1839834570d8dc0c8
-
SHA512
f0c1338b1b5a211502402a62a6ae9a6c72e9b96bcb26f4154a05fcf75e836ac4773f80e7ca3fbe0f027528b4727ea674b44366357688cbca787ebee4cfafd674
-
SSDEEP
98304:Kg49ZaYwsmJdj9PfPHXCjNTEY9xFUkcVwNSHfbv/kOIhThw6Q1f+hl/hjY4+iaf7:KgP94NTx9Pe20/zkOiu1f+79YR0k
Static task
static1
Behavioral task
behavioral1
Sample
c7e3f4066bbe690721c689ac5ba20c501cc6c4044cca40e1839834570d8dc0c8.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Target
c7e3f4066bbe690721c689ac5ba20c501cc6c4044cca40e1839834570d8dc0c8
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry: 2
Subvert Trust Controls: 1
Install Root Certificate: 1
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1