303e22f56b05c936ecf41591bb9b9ad15a7eba68e34617b96fed85d3e4fae4d8 | Triage

Submit
Reports

Overview

overview

8

Static

static

303e22f56b...d8.exe

windows7_x64

8

303e22f56b...d8.exe

windows10_x64

8

Sharing

General

Target

303e22f56b05c936ecf41591bb9b9ad15a7eba68e34617b96fed85d3e4fae4d8
Size

753KB
Sample

210509-v4tx5ey33s
MD5

bd191ff8fc1ad86d1707758b5f075278
SHA1

4fcda0e7a514de5e038816efffaaf24e76cc8985
SHA256

303e22f56b05c936ecf41591bb9b9ad15a7eba68e34617b96fed85d3e4fae4d8
SHA512

3a902599ad32eed405b0d90d0911b2db87b3bec3e160161af74887e868b71fda4825fd8d94ab60021c3eb498ea1fb479be830a6e517a617516eba67e6cf6bcd7

Score

8^/10

macro persistence

Static task

static1

Behavioral task

behavioral1

Sample

303e22f56b05c936ecf41591bb9b9ad15a7eba68e34617b96fed85d3e4fae4d8.exe

Resource

win7v20210410

macro persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

303e22f56b05c936ecf41591bb9b9ad15a7eba68e34617b96fed85d3e4fae4d8.exe

Resource

win10v20210408

macro persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  303e22f56b05c936ecf41591bb9b9ad15a7eba68e34617b96fed85d3e4fae4d8
- Size
  
  753KB
- MD5
  
  bd191ff8fc1ad86d1707758b5f075278
- SHA1
  
  4fcda0e7a514de5e038816efffaaf24e76cc8985
- SHA256
  
  303e22f56b05c936ecf41591bb9b9ad15a7eba68e34617b96fed85d3e4fae4d8
- SHA512
  
  3a902599ad32eed405b0d90d0911b2db87b3bec3e160161af74887e868b71fda4825fd8d94ab60021c3eb498ea1fb479be830a6e517a617516eba67e6cf6bcd7
Score

8^/10

macro persistence
- Executes dropped EXE
- Suspicious Office macro
  Office document equipped with macros.
  macro
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

macropersistence

behavioral2

macropersistence

© 2018-2024

Terms | Privacy