6625eeaa609f67ae8830250e280bbffbec82b50246d8fb0e36b93b70f67f4b1c | Triage

Submit
Reports

Overview

overview

8

Static

static

6625eeaa60...1c.exe

windows7_x64

8

6625eeaa60...1c.exe

windows10_x64

8

Sharing

General

Target

6625eeaa609f67ae8830250e280bbffbec82b50246d8fb0e36b93b70f67f4b1c
Size

1.2MB
Sample

210508-dexmdn37kx
MD5

084b8f12958300af52abf2f09642794a
SHA1

869c3de0825488d49540fcbe10c97d6b7414d919
SHA256

6625eeaa609f67ae8830250e280bbffbec82b50246d8fb0e36b93b70f67f4b1c
SHA512

cd203fc26d0ddb6b5b56bafddff2617615f0c6fd2bbf8d7260e70ac5f748e17c73d16a8e2875297f772cf794e1efbee1b4af485e6fee97cdb653d79f14ee6e1a

Score

8^/10

macro persistence

Static task

static1

Behavioral task

behavioral1

Sample

6625eeaa609f67ae8830250e280bbffbec82b50246d8fb0e36b93b70f67f4b1c.exe

Resource

win7v20210410

macro persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6625eeaa609f67ae8830250e280bbffbec82b50246d8fb0e36b93b70f67f4b1c.exe

Resource

win10v20210408

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  6625eeaa609f67ae8830250e280bbffbec82b50246d8fb0e36b93b70f67f4b1c
- Size
  
  1.2MB
- MD5
  
  084b8f12958300af52abf2f09642794a
- SHA1
  
  869c3de0825488d49540fcbe10c97d6b7414d919
- SHA256
  
  6625eeaa609f67ae8830250e280bbffbec82b50246d8fb0e36b93b70f67f4b1c
- SHA512
  
  cd203fc26d0ddb6b5b56bafddff2617615f0c6fd2bbf8d7260e70ac5f748e17c73d16a8e2875297f772cf794e1efbee1b4af485e6fee97cdb653d79f14ee6e1a
Score

8^/10

macro persistence
- Executes dropped EXE
- Suspicious Office macro
  Office document equipped with macros.
  macro
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

macropersistence

behavioral2

© 2018-2024

Terms | Privacy