General
-
Target
ddfb2b2f0ffe07a75970b6a10ac92448a8d99ec239dc7e77f081be31b21a59f4
-
Size
232KB
-
Sample
241114-dx183axncr
-
MD5
94d0de9bb95fc9fee2dadf26aea0713d
-
SHA1
299c93833b7419c9d3c2303e1954ec5e3627b88a
-
SHA256
ddfb2b2f0ffe07a75970b6a10ac92448a8d99ec239dc7e77f081be31b21a59f4
-
SHA512
045e556097a9a4236e4f94f5c6219e6abbc6bbdfd8ab84c250a4291adef12e95de41856db26e8443946051ecea9c412536e0da42997e4bcf0e9d01e9be5f8764
-
SSDEEP
3072:qI1i/NU8bOMYcYYcmy5cU+gTn6HOjDhWrzvvQwlgO5s1i/NU82OMYcYYamv5b:5i/NjO5YBgegD0PHzSni/N+O7
Behavioral task
behavioral1
Sample
ddfb2b2f0ffe07a75970b6a10ac92448a8d99ec239dc7e77f081be31b21a59f4.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
ddfb2b2f0ffe07a75970b6a10ac92448a8d99ec239dc7e77f081be31b21a59f4.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
ddfb2b2f0ffe07a75970b6a10ac92448a8d99ec239dc7e77f081be31b21a59f4
-
Score
8/10
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-
Hide Artifacts: Hidden Files and Directories
-