General

  • Target

    1e52934cdfaf1114e0d641e14cc7374a92ecac68be7fba6773c5f4988335a4df.exe

  • Size

    208KB

  • Sample

    250127-sjrj2atras

  • MD5

    1e6160c53af89dc42934657f91d00621

  • SHA1

    1c237d4fa1aafb684e055c2131c72802e650f580

  • SHA256

    1e52934cdfaf1114e0d641e14cc7374a92ecac68be7fba6773c5f4988335a4df

  • SHA512

    7bf1a6b9a560c770e4cc25e7aacbafe3e65f80521912bdb82e410a5a4aa38f04fb5eed3eca70e077b3920f1fc08ed6f1f00f7f9ba10bf805a17cab5875b157fb

  • SSDEEP

    3072:Lo7Vnk9g6PgNi0ayG0W2RaZaSw9z+B8D0i8NZGmuu+pT0CivmSNDYXc:Lottw6sbF2RaA1B+BwXj+G0ZRGc

Malware Config

Targets

    • Target

      1e52934cdfaf1114e0d641e14cc7374a92ecac68be7fba6773c5f4988335a4df.exe

    • Size

      208KB

    • MD5

      1e6160c53af89dc42934657f91d00621

    • SHA1

      1c237d4fa1aafb684e055c2131c72802e650f580

    • SHA256

      1e52934cdfaf1114e0d641e14cc7374a92ecac68be7fba6773c5f4988335a4df

    • SHA512

      7bf1a6b9a560c770e4cc25e7aacbafe3e65f80521912bdb82e410a5a4aa38f04fb5eed3eca70e077b3920f1fc08ed6f1f00f7f9ba10bf805a17cab5875b157fb

    • SSDEEP

      3072:Lo7Vnk9g6PgNi0ayG0W2RaZaSw9z+B8D0i8NZGmuu+pT0CivmSNDYXc:Lottw6sbF2RaA1B+BwXj+G0ZRGc

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks