General

  • Target

    MethamphetamineSolutionsLoader.exe

  • Size

    8.0MB

  • Sample

    220428-ysvwpscbcj

  • MD5

    760862da38d026ae351dca91202add60

  • SHA1

    ae1def931735a30a44e93a66afa2e72d9d72d8e9

  • SHA256

    1a6fd38ece3d73b6612263fed6de4c553cbb46d6e5637e6cd6214ade39b81782

  • SHA512

    c529abf8099c96b0cfffa023f6d5b6b5dc2c2bcb73e1720042a8a842904cba068d7dcad873019b790fe125670331c791122eb8806fe91711a01987bda2d79bd8

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

  • Execution

    Scheduled Task: T1053 (1)

  • Persistence

    Scheduled Task: T1053 (1)

  • Privilege Escalation

    Scheduled Task: T1053 (1)

  • Defense Evasion

    Install Root Certificate: T1130 (1)

    Modify Registry: T1112 (1)

  • Discovery

    Query Registry: T1012 (1)

    System Information Discovery: T1082 (2)

Tasks