Overview

overview

8

Static

static

2a3de3b9dc...39.exe

windows7-x64

8

2a3de3b9dc...39.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2a3de3b9dcbd126c40a2668622d6fc2f6d0c930265dce364dee8646fd48a8939

  • Size

    217KB

  • Sample

    220919-r1nzsshaer

  • MD5

    98cc0abe9574ef21c1938b27b94b68c3

  • SHA1

    0bc35bf7416b4c05cd066cab9900588e2bc37d6a

  • SHA256

    2a3de3b9dcbd126c40a2668622d6fc2f6d0c930265dce364dee8646fd48a8939

  • SHA512

    446553e8f9ae9fd7da6180d44e0a26343f588497291fa50e53760eb90828bd8745ed3c4dafe2f5674c2f18f0b0c109e0b88b6a5d39b867dd8b10012278a03250

  • SSDEEP

    6144:1FgYBMXW5h6qLfYn5OnwrklYi2RnoDAY6M2He9F:sYB4W5gqE4wi2ltZLeF

Score
8/10
persistence

Malware Config

Targets

    • Target

      2a3de3b9dcbd126c40a2668622d6fc2f6d0c930265dce364dee8646fd48a8939

    • Size

      217KB

    • MD5

      98cc0abe9574ef21c1938b27b94b68c3

    • SHA1

      0bc35bf7416b4c05cd066cab9900588e2bc37d6a

    • SHA256

      2a3de3b9dcbd126c40a2668622d6fc2f6d0c930265dce364dee8646fd48a8939

    • SHA512

      446553e8f9ae9fd7da6180d44e0a26343f588497291fa50e53760eb90828bd8745ed3c4dafe2f5674c2f18f0b0c109e0b88b6a5d39b867dd8b10012278a03250

    • SSDEEP

      6144:1FgYBMXW5h6qLfYn5OnwrklYi2RnoDAY6M2He9F:sYB4W5gqE4wi2ltZLeF

    Score
    8/10
    persistence

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks