General
-
Target
031850efc4a1521bbaf2183076237d752ddf0fcee8b8f618f9860469de506b58.exe
-
Size
140KB
-
Sample
241117-q3x5ta1fpl
-
MD5
850a54c1c4fde385fdb1adc8e2325ae3
-
SHA1
a3a4c599b8814c9448e6e5135f2d88057ddb993f
-
SHA256
031850efc4a1521bbaf2183076237d752ddf0fcee8b8f618f9860469de506b58
-
SHA512
4a0c8e4e1f639008f4ad5572052383f9c7ed0508e7b7b2991ec407f69ff7f642e41ce3c945025492b864d874b581e774f98fbc4138210dbb96d8b861ff3ef05f
-
SSDEEP
3072:wair33vu3XuIcN6/xbccM3hEL8fyUha5fJidcv:waW/uuIcNmLX8dhaRJidW
Static task
static1
Behavioral task
behavioral1
Sample
031850efc4a1521bbaf2183076237d752ddf0fcee8b8f618f9860469de506b58.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
031850efc4a1521bbaf2183076237d752ddf0fcee8b8f618f9860469de506b58.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
031850efc4a1521bbaf2183076237d752ddf0fcee8b8f618f9860469de506b58.exe
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1
Registry Run Keys / Startup Folder
1
Defense Evasion
Hide Artifacts
1
Hidden Files and Directories
1
Modify Registry
2