General
-
Target
c9cceff69ce5ad127dcb537765eb14c89d235d175b2530ae2e94145b70cfea6c
-
Size
7.2MB
-
Sample
240701-fsrj6sxbqb
-
MD5
ed904ea45caf33dfb19fb24600064a0c
-
SHA1
5e1354067e82ac96b27e0b0b2b3be4e3049dbcc8
-
SHA256
c9cceff69ce5ad127dcb537765eb14c89d235d175b2530ae2e94145b70cfea6c
-
SHA512
1a7f8290c60d46fd53c2ca0b9d0bd87d9709bf161a2a137edbec79aa2ddd947315092d70f03ff00a63e5c455cc7cf452507fc19babd9a9e7b770b887486bca91
-
SSDEEP
196608:91Oqg9F2iX+0UCqP6/LtvE7k9+hgyg1AZwCp+0JRu+pGA:3Ol9Yc7ptQwEgIZwCp+sJGA
Static task
static1
Behavioral task
behavioral1
Sample
c9cceff69ce5ad127dcb537765eb14c89d235d175b2530ae2e94145b70cfea6c.exe
Resource
win7-20231129-en
Malware Config
Targets
-
Blocklisted process makes network request
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Execution
  Command and Scripting Interpreter (1)
  PowerShell (1)
  Scheduled Task/Job (1)
  Scheduled Task (1)
Persistence
  Create or Modify System Process (1)
  Windows Service (1)
  Scheduled Task/Job (1)
  Scheduled Task (1)
Privilege Escalation
  Create or Modify System Process (1)
  Windows Service (1)
  Scheduled Task/Job (1)
  Scheduled Task (1)