General

  • Target

    genymotion-3.2.1.exe

  • Size

    38.7MB

  • Sample

    210513-648ysz522a

  • MD5

    091db899344cb2c0f6144443a7c860ed

  • SHA1

    18ebc1fbe1944a63d499534e457b03f73731ff77

  • SHA256

    1de2d5ab9fd28460eaaefc8ceaf63d85f156d285b6be4dc89fb583ab0998e6c5

  • SHA512

    61bf385fdd6e42c3df9092c1a637d6ed754fec4e43729a87e240285e8a77b48b105daa5f42c6b654e3a76d8aabdf2bc4cadb20a43af5489adab598ecf0e564c7

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Suspicious Office macro

      Office document equipped with 4.0 macros.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6