General

  • Target

    6e7fa9b372b953fad0a4ac1e82fd3cec28274d276d027437a4cef1a0fc4193d6

  • Size

    14.3MB

  • Sample

    220510-wg32tsgfel

  • MD5

    5e0106229cce715f5bd9cbf6900151a5

  • SHA1

    ff2dc3a10c73f97af1fff889de9e065c703b3c2a

  • SHA256

    6e7fa9b372b953fad0a4ac1e82fd3cec28274d276d027437a4cef1a0fc4193d6

  • SHA512

    c7ca330cfb82114fd125e5f752bf6c66b5c3a1098420f26193a13fd83d07a112055796e4e463a01df8330635abf4a0c0f3824075026e8e9e6900812d960ccaed

Score
10/10

Targets

    • LoaderBot

      LoaderBot is a loader written in .NET that downloads and executes miners.

    • LoaderBot executable

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Loads dropped DLL
