Resubmissions

12-01-2021 11:18

210112-grlybxw2l6 8

General

  • Target

    0788aaea249d92a84f70047efcacaa54c26320b439c490ba3ce00457955031d6.zip

  • Size

    1.3MB

  • Sample

    210112-grlybxw2l6

  • MD5

    26b99c49b6e248ec3093ab3fc68a9231

  • SHA1

    31686ae9fec2d26378343c0247897800d378f2ec

  • SHA256

    1f839a845cf8b2d3397f377f28d972584de2ae8f4e1de0bd71f74e1f52a4fc83

  • SHA512

    92bf2cf16206abe418ada24292bc0c9e36361193ae440a60b2723a5a397741a034f10dbb53f8917a866feeb0d961ce3f5c842303dba6ea577afd203e9691ae88

Score
8/10

Targets

    • Target

      0788aaea249d92a84f70047efcacaa54c26320b439c490ba3ce00457955031d6

    • Size

      1.5MB

    • MD5

      50a5e891da27e63d54e68511e48aa026

    • SHA1

      87073d85a7ba420b15c8bb9a9e4adc64db2bcfef

    • SHA256

      0788aaea249d92a84f70047efcacaa54c26320b439c490ba3ce00457955031d6

    • SHA512

      6df8811e3e1f6a4110ca3b7c498af13898b46962a30888879180b2f11dda24344a1de4807663d46dd86f7ea11855d08137980cc85fe71e688d082f2f79994909

    Score
    8/10
    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofencing check.

    • Loads dropped DLL

    • JavaScript code in executable

    • Drops file in System32 directory
