General

  • Target

    a750c71a015b62d8d23b799cd269118539ce0359699ccac41daa4b161c9c5c20

  • Size

    1.2MB

  • Sample

    210511-tsgh5nh4ds

  • MD5

    606c3f605b2f62a58338035565560e59

  • SHA1

    ad0d39aa53704b82f3e4751b43827a872c77ae7e

  • SHA256

    a750c71a015b62d8d23b799cd269118539ce0359699ccac41daa4b161c9c5c20

  • SHA512

    13f05d3551457dc981162e296ae42b5c528b3b88a7a9e3fac5986e5cfefbd10a030fd3fb70eb13c318f8d0886f736cf78048b6510b7ea51f5c3d2b4475d4e928

Score
8/10

Targets

    • Executes dropped EXE

    • Suspicious Office macro

      Office document equipped with macros.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application
