General

  • Target

    6514221450559488.zip

  • Size

    1.0MB

  • Sample

    210302-g52xegkj6e

  • MD5

    18c467b1166fe1d4add15c4d10699d72

  • SHA1

    fda054d814e50f4fe8fee6021176bda23bffa26b

  • SHA256

    e282950420037911a396ea6008a51163c83057de79fcc6b2eaaf717e76bb7dbd

  • SHA512

    60c763f00f07418e8baa42903f106a482e380ea15b636119e1f729bb2c39a4675ecf3f573b94a95176abeecca8145650f590c2cb93c4f5450f4a245bc3ced62b

Score
8/10

Tags
upx
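The `upx` tag above is the sandbox's own packer identification. As an added example, not part of this report, the Python below reproduces the two basic triage steps an analyst does before anything else with a submitted file: recompute the four digests listed under General, and check the PE section table for the UPX0/UPX1 section names that UPX leaves behind. The PE images it parses are constructed in memory for the demonstration (a minimal MZ stub, PE signature, COFF header and section headers); nothing is derived from the sample on this page, and the section-name check is a heuristic that a repacked or renamed binary will not trigger.

```python
import hashlib
import struct

# Section names UPX writes by default; some builds prefix them with a dot.
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2", ".UPX0", ".UPX1"}


def build_fake_pe(section_names):
    """Constructed minimal PE: MZ stub, PE\\0\\0, COFF header with an empty
    optional header, then one 40-byte section header per name. Test data only."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    sections = b""
    for name in section_names:
        sections += name.encode("ascii").ljust(8, b"\0") + b"\0" * 32
    return dos + b"PE\0\0" + coff + sections


def pe_section_names(data):
    """Walk the PE headers and return the section names in table order."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    nsections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    first = coff + 20 + opt_size  # section table follows the optional header
    names = []
    for i in range(nsections):
        raw = data[first + 40 * i:first + 40 * i + 8]
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data):
    """Heuristic: two or more UPX-style section names => probably UPX packed.
    Returns (verdict, section_names) so the caller can show its evidence."""
    names = pe_section_names(data)
    hits = [n for n in names if n.upper() in UPX_SECTION_NAMES]
    return len(hits) >= 2, names


def file_hashes(data):
    """The same four digests a sandbox report lists, for comparing against it."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def triage(data):
    packed, names = looks_upx_packed(data)
    return {"hashes": file_hashes(data), "sections": names, "upx": packed}


# Constructed inputs: one image with UPX section names, one with the usual MSVC layout.
PACKED_SAMPLE = build_fake_pe(["UPX0", "UPX1", ".rsrc"])
PLAIN_SAMPLE = build_fake_pe([".text", ".rdata", ".data"])

if __name__ == "__main__":
    for label, blob in (("packed", PACKED_SAMPLE), ("plain", PLAIN_SAMPLE)):
        result = triage(blob)
        print(label, result["sections"], "upx" if result["upx"] else "no-upx",
              result["hashes"]["sha256"])
```

Run it on the real file with `triage(open(path, "rb").read())` and compare the returned digests with the ones in the General section before spending any time on the analysis; a mismatch means you are not looking at the sample the report describes.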

Malware Config

Targets

    • Target

      cc9858f02c6c333ff4e1a7a86252b815aec5b0d9ef6c45aa5dd2a9e4363cd662

    • Size

      1.1MB

    • MD5

      62eeaaa57a5ee21fa66bdb745fb28bb6

    • SHA1

      1700076b4edaeb78b46303e3ea71ac39e3572928

    • SHA256

      cc9858f02c6c333ff4e1a7a86252b815aec5b0d9ef6c45aa5dd2a9e4363cd662

    • SHA512

      8fba34132690c189aa3986f48cf81ee0b2d18670176c327eb53bda0e9afe5bc2f6f5c0a6623d61be1e68e76b7cf825d38ece28b2e2495a8a1373a80cd6a5559c

    Score
    7/10

    Signatures

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Drops file in System32 directory
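The three signatures above (registry country-code lookup, a file dropped into System32, and that dropped DLL being loaded) are the kind of behaviour that is easy to correlate per process from a sandbox's API or registry trace. As an added example, not part of this report, the Python below runs that correlation over a constructed Procmon-style CSV trace. The registry values it treats as country-code lookups (`Control Panel\International\Geo\Nation`, `Locale`, `iCountry`) are an assumption about which values such a check reads; the report itself names no key. Process names, PIDs, paths and timestamps in the log are made up.

```python
import csv
import io
import re
from collections import defaultdict

# Assumed locale/country values a geofence check would read (not named by the report).
GEO_KEY_RE = re.compile(
    r"\\Control Panel\\International\\(Geo\\Nation|Locale|iCountry)$", re.I)
SYSTEM32_RE = re.compile(r"^C:\\Windows\\System32\\", re.I)

# Constructed Procmon-style CSV trace; header row must be the first line.
SAMPLE_LOG = r"""Time of Day,Process Name,PID,Operation,Path,Result,Detail
"10:00:01.0000000","sample.exe","1234","RegOpenKey","HKCU\Control Panel\International\Geo","SUCCESS",""
"10:00:01.0001000","sample.exe","1234","RegQueryValue","HKCU\Control Panel\International\Geo\Nation","SUCCESS","Type: REG_SZ, Length: 8, Data: 244"
"10:00:01.0002000","sample.exe","1234","RegQueryValue","HKCU\Control Panel\International\Locale","SUCCESS","Type: REG_SZ, Length: 18, Data: 00000409"
"10:00:02.0000000","sample.exe","1234","CreateFile","C:\Windows\System32\helper.dll","SUCCESS","Desired Access: Generic Write, Disposition: OverwriteIf"
"10:00:02.5000000","sample.exe","1234","Load Image","C:\Windows\System32\helper.dll","SUCCESS","Image Base: 0x10000000"
"10:00:03.0000000","explorer.exe","800","RegQueryValue","HKCU\Control Panel\International\Locale","SUCCESS","Type: REG_SZ, Length: 18, Data: 00000409"
"""


def analyse(csv_text):
    """Group the interesting events by (process name, pid). Events are consumed
    in trace order, so a Load Image only counts as 'dropped DLL loaded' if the
    same process wrote that path earlier in the trace."""
    per_proc = defaultdict(lambda: {"geo_reads": [], "system32_writes": [], "loaded_dropped": []})
    for row in csv.DictReader(io.StringIO(csv_text)):
        p = per_proc[(row["Process Name"], row["PID"])]
        op, path, detail = row["Operation"], row["Path"], row["Detail"]
        if op == "RegQueryValue" and GEO_KEY_RE.search(path):
            p["geo_reads"].append(path)
        elif op == "CreateFile" and SYSTEM32_RE.match(path) and "Write" in detail:
            p["system32_writes"].append(path)
        elif op == "Load Image" and path in p["system32_writes"]:
            p["loaded_dropped"].append(path)
    return per_proc


def score(findings):
    """One point per behaviour family, mirroring the report's signature list."""
    reasons = []
    if findings["geo_reads"]:
        reasons.append("checks country/locale in registry (possible geofence)")
    if findings["system32_writes"]:
        reasons.append("drops file in System32")
    if findings["loaded_dropped"]:
        reasons.append("loads dropped DLL")
    return len(reasons), reasons


def suspicious_processes(csv_text, min_score=2):
    """Return {'name:pid': [reasons]} for processes at or above the threshold."""
    out = {}
    for (name, pid), findings in analyse(csv_text).items():
        s, reasons = score(findings)
        if s >= min_score:
            out[f"{name}:{pid}"] = reasons
    return out


if __name__ == "__main__":
    for proc, reasons in suspicious_processes(SAMPLE_LOG).items():
        print(proc, "->", "; ".join(reasons))
```

With the default threshold only `sample.exe` is reported; `explorer.exe` reads the same locale value and scores 1, which is why a lone "checks computer location settings" hit should be treated as a lead to correlate, not a verdict on its own.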

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic            Technique                      ID     Signatures
  Defense Evasion   Modify Registry                T1112  1
  Discovery         Query Registry                 T1012  3
  Discovery         System Information Discovery   T1082  4
  Discovery         Peripheral Device Discovery    T1120  1