General

  • Target

    c6d893067a788a46a07d631e48798baff420430ebc097981aaa3a09bd63965bb

  • Size

    129KB

  • Sample

    220919-cq4vyacca4

  • MD5

    98c2327ab98096861171ae4f6846e662

  • SHA1

    692aebee9149cf25b70da842456c16b3e5553085

  • SHA256

    c6d893067a788a46a07d631e48798baff420430ebc097981aaa3a09bd63965bb

  • SHA512

    73d38d5c268533d3e0a3b3feb2ea091da81e6ba29231da23a0f0db11185cc8aa40984b1d788e1a2dd5ae8c30f47eeff36180d74bc16cf9f4dd86367a4c0b9215

  • SSDEEP

    3072:zQIURTXJcuFxM//D/IiIQirww/lRN58TuNVHjdZYXLSd:zsW+x+IiIAwNRgTYVDdz

Score
8/10

Targets

    • Target

      c6d893067a788a46a07d631e48798baff420430ebc097981aaa3a09bd63965bb

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application
