General
-
Target
d33789912af6003ecc2bc410d3ea5fd480cf5770b793cad3cad818457cd848a5N.exe
-
Size
121KB
-
Sample
250120-k2rnrasjhm
-
MD5
ab922c80d97a1cb8a7240ab04c29a6f0
-
SHA1
af5942fc219edcdce2308a58eb7cfbfdaf85fd1f
-
SHA256
d33789912af6003ecc2bc410d3ea5fd480cf5770b793cad3cad818457cd848a5
-
SHA512
729e5c3b474d55c2c802df0523cf0783402aaf7841c4fc0618fdc8787b21039ce2dc3821c53db4413633b5dade0d93afae4fb7d9cf38b3d79ebfc8938f8eb7d7
-
SSDEEP
3072:927TcKFuQxqTvCIDw0x+G3dF/Ytq7xIpNelNN:KcIuamrL/v7xIpNiNN
Malware Config
Targets
-
-
Target
d33789912af6003ecc2bc410d3ea5fd480cf5770b793cad3cad818457cd848a5N.exe
-
Size
121KB
-
MD5
ab922c80d97a1cb8a7240ab04c29a6f0
-
SHA1
af5942fc219edcdce2308a58eb7cfbfdaf85fd1f
-
SHA256
d33789912af6003ecc2bc410d3ea5fd480cf5770b793cad3cad818457cd848a5
-
SHA512
729e5c3b474d55c2c802df0523cf0783402aaf7841c4fc0618fdc8787b21039ce2dc3821c53db4413633b5dade0d93afae4fb7d9cf38b3d79ebfc8938f8eb7d7
-
SSDEEP
3072:927TcKFuQxqTvCIDw0x+G3dF/Ytq7xIpNelNN:KcIuamrL/v7xIpNiNN
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1