General

  • Target

    dc5309715df45bcbde4b8e75dc4164a542cbfc08550349c509f7278349baa0ac

  • Size

    1.9MB

  • Sample

    210511-lns18hp4g2

  • MD5

    4a401739cc063b19870a7c1cf3a5d8a9

  • SHA1

    0bfd9614b124c7bc1035e58d1ed2e2e3d020686c

  • SHA256

    dc5309715df45bcbde4b8e75dc4164a542cbfc08550349c509f7278349baa0ac

  • SHA512

    ce9fc63110adedaee0ab4ab569d210853d6b58c9a1233a776c7b7012d007d2bdf23a91fc92318ddd438940b08bb9a6f10a8dd14832fdec8adcf99210ae9b249c

Malware Config

Targets

    • Executes dropped EXE

    • Suspicious Office macro

      Office document equipped with macros.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks