General
Target: DALL·E 2024-12-30 14.35.51 - A sleek and futuristic desktop wallpaper resembling the style of Windows, designed for Windows 12. It features a clean and minimalist look with soft g.png
Size: 391KB
Sample: 250105-aansnstqaw
MD5: 3cbb073d555dbd7fde76107f9af87aeb
SHA1: d520e59e84367a7e6504eb99851dac7102a0be38
SHA256: 5325075704f683c8c0db6328f92f18a56c5cc377858eda0bd6595cd6644a21fc
SHA512: 290824727a98f8b81b935aa759bdc72641cf063e3855a1eb015ef4c817a39a67d71adcd1a87b372c66bd79744460832bfcbedff0c50b7e89509f46ccf75147e8
SSDEEP: 6144:faLXVPQs01/mT9ge5bGX3e5N9H6f10CY9cZI0HjRVLfwnTkOG7uaKA:faLNQs01/mT1bG+5NFgCiLfF
Static task: static1
Behavioral task: behavioral1
Sample: DALL·E 2024-12-30 14.35.51 - A sleek and futuristic desktop wallpaper resembling the style of Windo.png
Resource: win7-20240903-en
Malware Config
Targets
Target: DALL·E 2024-12-30 14.35.51 - A sleek and futuristic desktop wallpaper resembling the style of Windows, designed for Windows 12. It features a clean and minimalist look with soft g.png (391KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the values listed under General)
- Downloads MZ/PE file
- A potential corporate email address has been identified in the URL: 67C716D751E567F70A490D4C@AdobeOrg
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Loads dropped DLL
- Obfuscated with Agile.Net obfuscator: detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
- Legitimate hosting services abused for malware hosting/C2
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Abuse Elevation Control Mechanism (1): Bypass User Account Control (1)
Defense Evasion
- Abuse Elevation Control Mechanism (1): Bypass User Account Control (1)
- Impair Defenses (1): Disable or Modify Tools (1)
- Modify Registry (2)