General
-
Target
cff19385f9abc2d4c672c64c94ae4ebea2dd74e5abd17464f08809d3aebe6317.exe
-
Size
368KB
-
Sample
241120-zwjhhssgqb
-
MD5
e0e79354e6b6234d87efdbf52c232657
-
SHA1
b4f62408f5e143cb8a2d82cfdbc6b7d4021a5580
-
SHA256
cff19385f9abc2d4c672c64c94ae4ebea2dd74e5abd17464f08809d3aebe6317
-
SHA512
e9bfc75304e7f962f7ccacd46878b58a72782bc73a7d8960edf1dbfc129033206f3abae7f9331bd9fb428213caa4e343aabd6e7b195e992dbe6f4257fd3f918a
-
SSDEEP
1536:s0PkF42Z/Hmkiw+667MIBf28zPJtC6IoD/QWgxektFAo11Sq:TPA42mLf2RxIfq
Static task
static1
Behavioral task
behavioral1
Sample
cff19385f9abc2d4c672c64c94ae4ebea2dd74e5abd17464f08809d3aebe6317.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
cff19385f9abc2d4c672c64c94ae4ebea2dd74e5abd17464f08809d3aebe6317.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score 10/10
-
Modifies visibility of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (2)