General
- Target: EasyInstallerV2.exe
- Size: 954KB
- Sample: 250331-sy8rvssxgz
- MD5: 7dc8bd5f288db84de1673551e097091c
- SHA1: 74dc9cb4c1e34fa9fbdfd9f1368517136592ba4f
- SHA256: 68310e7362e3f6a42dfd3f30b1664d5bce98045d606ba9e321ae5a2aa12fb034
- SHA512: 57d7c3edd1de49aab4c83171adce94f2ef2b02a8ecc39db6f0e88f4541839f181e8b2b9a11b96f063577a3268796e55663473db533b2987fe9ea07ce8573f759
- SSDEEP: 12288:uLXxYS9cj/sTS9cj/ssFIM0KteTMN4Or4D3OdmZg5WHEaEDIGBBjgrIQtD+tVqDi:u7zMTMNNd+g5Wk78GBBjgrIQtDg
Static task: static1
Behavioral task: behavioral1
- Sample: EasyInstallerV2.exe
- Resource: win10v2004-20250314-en
Malware Config
Targets
- Target: EasyInstallerV2.exe
- Size: 954KB
- MD5: 7dc8bd5f288db84de1673551e097091c
- SHA1: 74dc9cb4c1e34fa9fbdfd9f1368517136592ba4f
- SHA256: 68310e7362e3f6a42dfd3f30b1664d5bce98045d606ba9e321ae5a2aa12fb034
- SHA512: 57d7c3edd1de49aab4c83171adce94f2ef2b02a8ecc39db6f0e88f4541839f181e8b2b9a11b96f063577a3268796e55663473db533b2987fe9ea07ce8573f759
- SSDEEP: 12288:uLXxYS9cj/sTS9cj/ssFIM0KteTMN4Or4D3OdmZg5WHEaEDIGBBjgrIQtD+tVqDi:u7zMTMNNd+g5Wk78GBBjgrIQtDg
- Modifies WinLogon for persistence
- UAC bypass
- Disables RegEdit via registry modification
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Sets desktop wallpaper using registry
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Abuse Elevation Control Mechanism: 1
  - Bypass User Account Control: 1
- Boot or Logon Autostart Execution: 1
  - Winlogon Helper DLL: 1
Defense Evasion
- Abuse Elevation Control Mechanism: 1
  - Bypass User Account Control: 1
- Hide Artifacts: 2
  - Hidden Files and Directories: 2
- Impair Defenses: 1
  - Disable or Modify Tools: 1
- Modify Registry: 4