General

  • Target

    8cd7892fd399465c30ac2e01902e1a8f0f6aab88954fbc6f21f7259e9b74a253.exe

  • Size

    93KB

  • Sample

    250108-fv9tjaxqhk

  • MD5

    ed45a8c9b5fa7d7a92195b865b83a63b

  • SHA1

    d0cbe0685c47bfe0097d85136c7878bbc0566958

  • SHA256

    8cd7892fd399465c30ac2e01902e1a8f0f6aab88954fbc6f21f7259e9b74a253

  • SHA512

    0478c347348319d78031f0b4e388675e4d2a8489f3b83f7ab7594ece2c864727a0439af3ed024077f703c50fe5f19f964161dd92b0cf7e40bdacad3a330b9bc7

  • SSDEEP

    1536:x3vcqLLshJ8LpJ1KegT9/YPS0Q7ZLsMr7dkX55nQ04lfAXruG8OK2tO5xRSFELr8:x3v1L+3xYHiLsMPeX5W1AXSExu7SFELo
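
The digests above are the report's indicators for this sample. The following is an added example (not part of the original report) showing how a practitioner would use them in triage: hash a candidate file with every algorithm the report lists, parse the SSDEEP signature into its block size and chunks, and pre-filter fuzzy comparisons on block size. The hash values are copied from the page; the bytes hashed in the usage section are constructed here and are not the real sample, so they are expected not to match.

```python
"""Matching a file against the hashes listed in the sandbox report above.

Added example, not part of the original report. The digest values are
copied from the page; the bytes hashed under __main__ are constructed
and are not the real sample, so they are expected NOT to match."""
import hashlib

# Indicators exactly as listed in the report's General section.
REPORT_IOCS = {
    "md5": "ed45a8c9b5fa7d7a92195b865b83a63b",
    "sha1": "d0cbe0685c47bfe0097d85136c7878bbc0566958",
    "sha256": "8cd7892fd399465c30ac2e01902e1a8f0f6aab88954fbc6f21f7259e9b74a253",
    "sha512": "0478c347348319d78031f0b4e388675e4d2a8489f3b83f7ab7594ece2c864727"
              "a0439af3ed024077f703c50fe5f19f964161dd92b0cf7e40bdacad3a330b9bc7",
}
REPORT_SSDEEP = ("1536:x3vcqLLshJ8LpJ1KegT9/YPS0Q7ZLsMr7dkX55nQ04lfAXruG8OK2tO5xRSFELr8"
                 ":x3v1L+3xYHiLsMPeX5W1AXSExu7SFELo")


def match_report(data: bytes, iocs: dict = REPORT_IOCS) -> dict:
    """Hash `data` with every algorithm the report lists and report which match.

    Comparison is case-insensitive. A single False among Trues would point
    at a copy/paste error in the IOC list rather than a different file."""
    return {name: hashlib.new(name, data).hexdigest() == value.lower()
            for name, value in iocs.items()}


def parse_ssdeep(sig: str):
    """Split an ssdeep/CTPH signature into (block_size, chunk, double_chunk).

    A trailing ',"filename"' as emitted by the ssdeep CLI is ignored."""
    sig = sig.split(",", 1)[0]
    block, chunk, double_chunk = sig.split(":", 2)
    return int(block), chunk, double_chunk


def ssdeep_comparable(a: str, b: str) -> bool:
    """ssdeep only scores two signatures when their block sizes are equal or
    differ by exactly one doubling; otherwise the score is 0 without looking
    at the chunks, so a corpus sweep can pre-filter on this cheaply."""
    ba = parse_ssdeep(a)[0]
    bb = parse_ssdeep(b)[0]
    return ba == bb or ba == 2 * bb or bb == 2 * ba


def name_is_sha256(filename: str, sha256: str) -> bool:
    """Sandbox submissions are often renamed to '<sha256>.exe'; check that the
    target name on the page agrees with the SHA256 it lists."""
    stem = filename.rsplit(".", 1)[0]
    return stem.lower() == sha256.lower()


if __name__ == "__main__":
    # Constructed placeholder bytes, not the sample: every entry prints False.
    constructed = b"MZ\x90\x00 constructed placeholder, not the sample"
    print(match_report(constructed))
    print(name_is_sha256(REPORT_IOCS["sha256"] + ".exe", REPORT_IOCS["sha256"]))
    print(parse_ssdeep(REPORT_SSDEEP)[0])
```

The block-size rule is what makes SSDEEP sweeps tractable: a 93KB binary hashed at block size 1536 can only ever score against signatures at 768, 1536 or 3072, so everything else in a corpus is skipped before any edit-distance work.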

Malware Config

Targets

    • Target

      8cd7892fd399465c30ac2e01902e1a8f0f6aab88954fbc6f21f7259e9b74a253.exe

    • UAC bypass

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • Suspicious use of SetThreadContext
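
The signature names above are the sandbox's behaviour categories, not the raw events behind them. As an added example (not part of the original report), the following rule set shows how five of those categories map onto an API trace: the UAC flag read, the locale/country read, a write followed by execution or load of the same path, and SetThreadContext on a child created suspended. The trace is constructed to exercise each rule and is not the recorded behaviour of this sample; the registry locations are the standard Windows ones for the UAC flag and the user locale, and it is an assumption that these are what the sandbox's signatures key on. "UAC bypass" is left unmodelled because the report does not say which technique fired it.

```python
"""Mapping sandbox behaviour signatures onto an API trace.

Added example, not part of the original report. SAMPLE_TRACE is
CONSTRUCTED to exercise each rule; it is not this sample's recorded run.
Registry locations are the standard Windows ones; that the sandbox's
signatures key on exactly these is an assumption."""
from collections import defaultdict

# Standard locations (assumption: what the sandbox's UAC/location checks look for).
UAC_KEY = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"
LOCALE_KEYS = (r"HKCU\Control Panel\International",
               r"HKLM\SYSTEM\CurrentControlSet\Control\Nls\Locale")
REGISTRY_READ_APIS = {"RegQueryValueExW", "RegQueryValueExA", "NtQueryValueKey"}
WRITE_APIS = {"NtWriteFile", "WriteFile"}
EXEC_APIS = {"CreateProcessW", "CreateProcessA", "NtCreateUserProcess"}
LOAD_APIS = {"LdrLoadDll", "LoadLibraryW", "LoadLibraryA", "LoadLibraryExW"}

# Constructed trace, one event per line: pid|api|arg1[|arg2]
SAMPLE_TRACE = [
    r"1001|RegQueryValueExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA",
    r"1001|RegQueryValueExW|HKCU\Control Panel\International|iCountry",
    r"1001|NtWriteFile|C:\Users\user\AppData\Local\Temp\helper.dll",
    r"1001|NtWriteFile|C:\Users\user\AppData\Local\Temp\stage2.exe",
    r"1001|LdrLoadDll|C:\Users\user\AppData\Local\Temp\helper.dll",
    r"1001|LdrLoadDll|C:\Windows\System32\kernel32.dll",
    r"1001|CreateProcessW|C:\Users\user\AppData\Local\Temp\stage2.exe|CREATE_SUSPENDED",
    r"1001|SetThreadContext|2002",
]


def parse_event(line: str):
    """Split 'pid|api|arg1[|arg2...]' into (pid, api, [args])."""
    parts = line.rstrip("\n").split("|")
    if len(parts) < 3:
        raise ValueError(f"malformed event: {line!r}")
    return int(parts[0]), parts[1], parts[2:]


def classify(trace) -> dict:
    """Return {signature name: [evidence lines]} for the behaviours seen.

    'Dropped' means the same pid wrote the path earlier in the trace, which
    is what separates a dropper from a process loading system DLLs."""
    hits = defaultdict(list)
    written = defaultdict(set)      # pid -> lowercase paths that pid wrote
    spawned_suspended = set()       # pids that created a CREATE_SUSPENDED child
    locale_prefixes = tuple(k.lower() for k in LOCALE_KEYS)
    for line in trace:
        pid, api, args = parse_event(line)
        target = args[0].lower()
        if api in REGISTRY_READ_APIS:
            if target == UAC_KEY.lower() and len(args) > 1 and args[1].lower() == "enablelua":
                hits["Checks whether UAC is enabled"].append(line)
            elif target.startswith(locale_prefixes):
                hits["Checks computer location settings"].append(line)
        elif api in WRITE_APIS:
            written[pid].add(target)
        elif api in LOAD_APIS:
            if target in written[pid]:
                hits["Loads dropped DLL"].append(line)
        elif api in EXEC_APIS:
            if target in written[pid]:
                hits["Executes dropped EXE"].append(line)
            if "CREATE_SUSPENDED" in args[1:]:
                spawned_suspended.add(pid)
        elif api == "SetThreadContext":
            # Context rewrite on a suspended child is the hollowing/injection pattern.
            note = " (after CREATE_SUSPENDED: hollowing pattern)" if pid in spawned_suspended else ""
            hits["Suspicious use of SetThreadContext"].append(line + note)
    return dict(hits)


if __name__ == "__main__":
    for name, evidence in classify(SAMPLE_TRACE).items():
        print(name)
        for ev in evidence:
            print("   ", ev)
```

Note that these are API-trace rules: Sysmon records registry value writes and key creation but not reads, so the two registry checks are only visible in a sandbox or API-monitor trace, while the dropped-file execution and load rules translate directly to Sysmon FileCreate, ProcessCreate and ImageLoad correlation on the same process.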

MITRE ATT&CK Enterprise v15

Tasks