Overview

overview

7

Static

static

3

Setup.exe

windows7_x64

7

Setup.exe

windows10-2004_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Setup.exe

  • Size

    16.8MB

  • Sample

    220515-t78nwsheek

  • MD5

    ccbdf7020daad2c7f5521ac46f61eb95

  • SHA1

    4e15196fd3703431c87d7621a53367859df8153a

  • SHA256

    906d1ee4c61e1fa0b1417bbf60d5087ceb1e817a75d314b8471099d0a89e8575

  • SHA512

    e810bb3976a767c64e386907c04c34f06c22cf2e488f3f7a5df53c611370eda1f908c6bc320cd905ced89041adc91423682204321dea91300c2fbfe54d8d712f

Score
7/10
pyinstaller

Malware Config

Targets

    • Target

      Setup.exe

    • Size

      16.8MB

    • MD5

      ccbdf7020daad2c7f5521ac46f61eb95

    • SHA1

      4e15196fd3703431c87d7621a53367859df8153a

    • SHA256

      906d1ee4c61e1fa0b1417bbf60d5087ceb1e817a75d314b8471099d0a89e8575

    • SHA512

      e810bb3976a767c64e386907c04c34f06c22cf2e488f3f7a5df53c611370eda1f908c6bc320cd905ced89041adc91423682204321dea91300c2fbfe54d8d712f

    Score
    7/10

    • Loads dropped DLL

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks