Overview

overview

7

Static

static

d1a2a1e22c...41.exe

windows7_x64

5

d1a2a1e22c...41.exe

windows10-2004_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d1a2a1e22c9667d4ff6c4a89a0e43473e79c4d89b4690176361550aaf4352941

  • Size

    47KB

  • Sample

    220407-ylcfsagghl

  • MD5

    03b7e356bdc47452c7710c566d33b12d

  • SHA1

    dd2f19962dadeba05a5299b32343fb37221af0b9

  • SHA256

    d1a2a1e22c9667d4ff6c4a89a0e43473e79c4d89b4690176361550aaf4352941

  • SHA512

    d77a717048797e9328c7cdc17eba4b32b03c84fabf8530e10dc82b3e7839f1a63487eb5f07eb9bb3aa2451abaeed3ab7b23d866c078f0161b22357e792457166

Score
7/10
googlephishing

Malware Config

Targets

    • Target

      d1a2a1e22c9667d4ff6c4a89a0e43473e79c4d89b4690176361550aaf4352941

    • Size

      47KB

    • MD5

      03b7e356bdc47452c7710c566d33b12d

    • SHA1

      dd2f19962dadeba05a5299b32343fb37221af0b9

    • SHA256

      d1a2a1e22c9667d4ff6c4a89a0e43473e79c4d89b4690176361550aaf4352941

    • SHA512

      d77a717048797e9328c7cdc17eba4b32b03c84fabf8530e10dc82b3e7839f1a63487eb5f07eb9bb3aa2451abaeed3ab7b23d866c078f0161b22357e792457166

    Score
    7/10
    googlephishing

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Detected potential entity reuse from brand google.

      phishinggoogle

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks