General
-
Target
8cd7892fd399465c30ac2e01902e1a8f0f6aab88954fbc6f21f7259e9b74a253.exe
-
Size
93KB
-
Sample
250108-fv9tjaxqhk
-
MD5
ed45a8c9b5fa7d7a92195b865b83a63b
-
SHA1
d0cbe0685c47bfe0097d85136c7878bbc0566958
-
SHA256
8cd7892fd399465c30ac2e01902e1a8f0f6aab88954fbc6f21f7259e9b74a253
-
SHA512
0478c347348319d78031f0b4e388675e4d2a8489f3b83f7ab7594ece2c864727a0439af3ed024077f703c50fe5f19f964161dd92b0cf7e40bdacad3a330b9bc7
-
SSDEEP
1536:x3vcqLLshJ8LpJ1KegT9/YPS0Q7ZLsMr7dkX55nQ04lfAXruG8OK2tO5xRSFELr8:x3v1L+3xYHiLsMPeX5W1AXSExu7SFELo
Static task
static1
Behavioral task
behavioral1
Sample
8cd7892fd399465c30ac2e01902e1a8f0f6aab88954fbc6f21f7259e9b74a253.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
8cd7892fd399465c30ac2e01902e1a8f0f6aab88954fbc6f21f7259e9b74a253.exe
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
Defense Evasion
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Impair Defenses: 1
    Disable or Modify Tools: 1
  Modify Registry: 2