Resubmissions

09/09/2022, 19:11

220909-xv9xzacfgn 8

09/09/2022, 19:01

220909-xn68haghf6 8

General

  • Target

    dotnet-sdk-3.1.422-win-x64.exe

  • Size

    129.4MB

  • Sample

    220909-xn68haghf6

  • MD5

    91e4422c946e28e7d909f350b944d316

  • SHA1

    64e08da3a46bc7622ea1c23e5792bb156e49794e

  • SHA256

    c005936cb24df728d7f8c303d7659c337ca54d99f6a77682122bbd3ac8b2ab8b

  • SHA512

    baaa610c64d8b5f90b4d2aae4c3b198a804fc13083f7a4dce20d18c7b28bfb10ade19b54e79f59a2b00b2107171b850d80e0e6659db6d834f593be97c60100a8

  • SSDEEP

    3145728:Xd3GSOmjzmZvbxKlXs8Vy+2EvMloU/SHc02Ixp:Xdl9jzmRbxIJU+XaoU/2Oy

Targets

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks