a6d6c61abceaf198e932736c916c54fde1e5ee271cf13a582437d05df0e9f009 | Triage

Submit
Reports

Overview

overview

8

Static

static

a6d6c61abc...09.exe

windows7_x64

8

a6d6c61abc...09.exe

windows10_x64

8

Sharing

General

Target

a6d6c61abceaf198e932736c916c54fde1e5ee271cf13a582437d05df0e9f009
Size

1.1MB
Sample

210505-l8t6p5bj6a
MD5

b5b75d648cdcb67b574af4bcb814549a
SHA1

bec087f2a4357d72f27225f0097006da11a40325
SHA256

a6d6c61abceaf198e932736c916c54fde1e5ee271cf13a582437d05df0e9f009
SHA512

5498dece9e9d92a647859ba6f66e337314bda17f502e962c33827e44a70611a41d028804c4070ab39122845260f726827be6ed48f2e24c720f4e0867bd34e147

Score

8^/10

macro persistence

Static task

static1

Behavioral task

behavioral1

Sample

a6d6c61abceaf198e932736c916c54fde1e5ee271cf13a582437d05df0e9f009.exe

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

a6d6c61abceaf198e932736c916c54fde1e5ee271cf13a582437d05df0e9f009.exe

Resource

win10v20210408

macro persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  a6d6c61abceaf198e932736c916c54fde1e5ee271cf13a582437d05df0e9f009
- Size
  
  1.1MB
- MD5
  
  b5b75d648cdcb67b574af4bcb814549a
- SHA1
  
  bec087f2a4357d72f27225f0097006da11a40325
- SHA256
  
  a6d6c61abceaf198e932736c916c54fde1e5ee271cf13a582437d05df0e9f009
- SHA512
  
  5498dece9e9d92a647859ba6f66e337314bda17f502e962c33827e44a70611a41d028804c4070ab39122845260f726827be6ed48f2e24c720f4e0867bd34e147
Score

8^/10

persistence macro
- Executes dropped EXE
- Suspicious Office macro
  Office document equipped with macros.
  macro
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

macropersistence

© 2018-2024

Terms | Privacy