Resubmissions

  • 06-04-2022 17:56

    220406-whze2agbf9 (score 8)

  • 06-04-2022 17:48

    220406-wdr56acgbr (score 8)

General

  • Target

    B9B8BC0D8669C6E55F651DCA76E9A1A9.exe

  • Size

    15.7MB

  • Sample

    220406-whze2agbf9

  • MD5

    b9b8bc0d8669c6e55f651dca76e9a1a9

  • SHA1

    1f59d1d5501b5d5a9417b56a09b9d34cc6375a6d

  • SHA256

    ccc6a5077b55f9c96e1bb37bd963ffa1586764f74ae0431bb13e97aab099e0fe

  • SHA512

    0f88efdd16ffb7faf4ca415179dd78ddcb0e2974eda7f3748f76291826c189e53587019c365a7b157e9c4a283cf6f3536666822d55f9ff20f521036a9ff7a15f

Score
8/10

Malware Config

Targets

    • Target

      B9B8BC0D8669C6E55F651DCA76E9A1A9.exe

    • Size

      15.7MB

    • MD5

      b9b8bc0d8669c6e55f651dca76e9a1a9

    • SHA1

      1f59d1d5501b5d5a9417b56a09b9d34cc6375a6d

    • SHA256

      ccc6a5077b55f9c96e1bb37bd963ffa1586764f74ae0431bb13e97aab099e0fe

    • SHA512

      0f88efdd16ffb7faf4ca415179dd78ddcb0e2974eda7f3748f76291826c189e53587019c365a7b157e9c4a283cf6f3536666822d55f9ff20f521036a9ff7a15f

    • Score

      8/10

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion

    Modify Registry (T1112): 1

  • Discovery

    Query Registry (T1012): 6

    System Information Discovery (T1082): 6

    Peripheral Device Discovery (T1120): 2
