Overview

overview

8

Static

static

99ea2034d7...64.exe

windows7_x64

8

99ea2034d7...64.exe

windows10-2004_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    99ea2034d76477e11983afe0aee3d54f871a926918ca4e766e5b0df5f5254364

  • Size

    3.9MB

  • Sample

    220520-3qx1hahda9

  • MD5

    df2de903ee38ab89ce424656ec5e85e4

  • SHA1

    4a4417e38ce7a8a098c3f09e318783fd5821e8ee

  • SHA256

    99ea2034d76477e11983afe0aee3d54f871a926918ca4e766e5b0df5f5254364

  • SHA512

    9ffd0259e14b9685b362adb28c0f147a47dc920e3691e7163ce9c38be00f717d99b29c9918ca339f300761d06edf9b88ddc6f33ec83bc009e32a1543224a2a38

Score
8/10
evasion

Malware Config

Targets

    • Target

      99ea2034d76477e11983afe0aee3d54f871a926918ca4e766e5b0df5f5254364

    • Size

      3.9MB

    • MD5

      df2de903ee38ab89ce424656ec5e85e4

    • SHA1

      4a4417e38ce7a8a098c3f09e318783fd5821e8ee

    • SHA256

      99ea2034d76477e11983afe0aee3d54f871a926918ca4e766e5b0df5f5254364

    • SHA512

      9ffd0259e14b9685b362adb28c0f147a47dc920e3691e7163ce9c38be00f717d99b29c9918ca339f300761d06edf9b88ddc6f33ec83bc009e32a1543224a2a38

    Score
    8/10
    evasion

    • Disables Task Manager via registry modification

      evasion

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks