General

  • Target

    6eed1c32446c235b132091181f64c39421376de168ae161c21c6c80c6c311d88

  • Size

    799KB

  • Sample

    210504-dzd85bt9vs

  • MD5

    7f10097ca976c439e8379862bdb2c8a5

  • SHA1

    bf99e7e67177e494d5fdf086b90f3008ef6ebd06

  • SHA256

    6eed1c32446c235b132091181f64c39421376de168ae161c21c6c80c6c311d88

  • SHA512

    84f2cecfc501ee0698cb56d1124871aa9e91a5e0524d84e054ae67ec1a0ba0a67aa16d5dda58b0d5dd7447fdbddef55470a26b8ede014a8f2f42559e6e292960

Score
8/10

Targets

    Score
    8/10
    • Executes dropped EXE

    • Suspicious Office macro

      Office document equipped with macros.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application
