Overview

overview

8

Static

static

f151c8538f...9a.exe

windows7-x64

8

f151c8538f...9a.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f151c8538f92a38501c2b89f4e3e937a77c19ef6323e806de4285620ad40369a

  • Size

    4.7MB

  • Sample

    221002-zqc4jsada5

  • MD5

    7d53c663dba982300cf2969655b248df

  • SHA1

    3403d17ca074389177d1d03b397585fd917c1ab1

  • SHA256

    f151c8538f92a38501c2b89f4e3e937a77c19ef6323e806de4285620ad40369a

  • SHA512

    a6650d8700de0252b9cf30de377219a4fd0e755344b5a624ce42cf223d36635f26997324fba891d7ddad509db5f7bb7cb232857e4a9a325b306894aa94860958

  • SSDEEP

    98304:DK9eiBEy6gr5sXXpfiIjulgcudr/XfuKVDHv/RmPxtnnoueqaj4tCyjkZl4:DKjW6CndLfcudT7PwZzK+ol4

Score
8/10
pyinstaller

Malware Config

Targets

    • Target

      f151c8538f92a38501c2b89f4e3e937a77c19ef6323e806de4285620ad40369a

    • Size

      4.7MB

    • MD5

      7d53c663dba982300cf2969655b248df

    • SHA1

      3403d17ca074389177d1d03b397585fd917c1ab1

    • SHA256

      f151c8538f92a38501c2b89f4e3e937a77c19ef6323e806de4285620ad40369a

    • SHA512

      a6650d8700de0252b9cf30de377219a4fd0e755344b5a624ce42cf223d36635f26997324fba891d7ddad509db5f7bb7cb232857e4a9a325b306894aa94860958

    • SSDEEP

      98304:DK9eiBEy6gr5sXXpfiIjulgcudr/XfuKVDHv/RmPxtnnoueqaj4tCyjkZl4:DKjW6CndLfcudT7PwZzK+ol4

    Score
    8/10
    pyinstaller

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks