Overview

overview

10

Static

static

5

13160edab7...b4.pdf

windows7_x64

1

13160edab7...b4.pdf

windows10-2004_x64

10

Resubmissions

20-03-2022 09:45

220320-lref4sbghm 10

20-03-2022 08:52

220320-ks5t1sbca7 10

20-03-2022 07:17

220320-h4fyxsaee6 10

20-03-2022 06:45

220320-hjkrdaabg5 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    13160edab74cc2dd34653920d4bf56e487fea2fd6adf8249e0be9215ced902b4

  • Size

    2.6MB

  • Sample

    220320-h4fyxsaee6

  • MD5

    7f6060451f81564336bd5d9e5c95797a

  • SHA1

    70c756af084d013e703d5e1c0f561eea6cb2f781

  • SHA256

    13160edab74cc2dd34653920d4bf56e487fea2fd6adf8249e0be9215ced902b4

  • SHA512

    c5263836ef7264e48e4166042827340244fe430b490ad41acde7fef378757731e7d3fecfe05c5d75695d32dcba7a13db86bea36366c5f4fb1e0ea3e321032abf

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      13160edab74cc2dd34653920d4bf56e487fea2fd6adf8249e0be9215ced902b4

    • Size

      2.6MB

    • MD5

      7f6060451f81564336bd5d9e5c95797a

    • SHA1

      70c756af084d013e703d5e1c0f561eea6cb2f781

    • SHA256

      13160edab74cc2dd34653920d4bf56e487fea2fd6adf8249e0be9215ced902b4

    • SHA512

      c5263836ef7264e48e4166042827340244fe430b490ad41acde7fef378757731e7d3fecfe05c5d75695d32dcba7a13db86bea36366c5f4fb1e0ea3e321032abf

    Score
    10/10
    evasionpersistencetrojan

    • Registers COM server for autorun

      persistence

    • Executes dropped EXE

    • Sets file execution options in registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks