General

  • Target

    2ca92c5520b57899915c2d9ae55b01c9ea2b2cea3b027a4f13f0c5953d28fd60

  • Size

    339KB

  • Sample

    221011-w76kmsheb5

  • MD5

    6cccc011ee7ac9b41ec6ee2282f204df

  • SHA1

    840ba565d7a5e841d90146747d0895c3ded78fd6

  • SHA256

    2ca92c5520b57899915c2d9ae55b01c9ea2b2cea3b027a4f13f0c5953d28fd60

  • SHA512

    e3823fbd888885916a2c7021cf1dc7a356c14fa9b2f7ac4b43ae5fe9052dde47ec4515e8986d2d174c9b38cec93342b91808a586a124a806ab8d9ad3d67b4dc6

  • SSDEEP

    6144:sz+92mhAMJ/cPl3ircKbEJCI94xuy4EMMGko42Is99LFiHnjH26MUNZlJZ:sK2mhAMJ/cPllyEsI+x0ko4WPsHnjHVT

Score
8/10

Targets

    • Target

      2ca92c5520b57899915c2d9ae55b01c9ea2b2cea3b027a4f13f0c5953d28fd60

    Score
    8/10
    • Executes dropped EXE

    • Modifies AppInit DLL entries

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application
