General

  • Target

    sp-music-converter.exe

  • Size

    694KB

  • Sample

    221010-svs71acegp

  • MD5

    1a62c93f88fa4ea4b05f355151f7ad11

  • SHA1

    009d6e1c125eb06889b9d1540abaf948155f8943

  • SHA256

    6256165dcfc7421faf7063a39a32795376a16cc8854e9c2657fab082102bbfd6

  • SHA512

    4cdfb68de25ed23e242f4fab2f28e46c20fdde86d2bf1ba0fc0923fcea414c25b46b1c897eee6ef68cfd025877b159d7a4a1b4357bcfcd0e5922b15f81fc0705

  • SSDEEP

    12288:/ihVMRK4uVADPNKT1zH3ptaR1sDfOQSvJqFZ6Bp63hhSKy2nfNDBa45/Ys:/MVMMTqDu173pG1szLSvJw8iSKy2Fw4x

Score
8/10

Targets

    • Target

      sp-music-converter.exe

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port was detected going to servers other than the configured DNS servers.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory
