General

  • Target

    cfff403cc6fbd08e1ce65e63ebdf32bd8b7b11c3d0ec09ac8fe0dfd7d5c1cf4c

  • Size

    191KB

  • Sample

    221106-x8v1zabedq

  • MD5

    0f59a92a741c75589d649af26b7c0920

  • SHA1

    7c42edba2f2a764ee1051397acb24564aedb5c5c

  • SHA256

    cfff403cc6fbd08e1ce65e63ebdf32bd8b7b11c3d0ec09ac8fe0dfd7d5c1cf4c

  • SHA512

    3ecb19e2a76bbf34d4443466c49b4c672ec22431c5c04ff8a414cb31d1cf42fef2f96c574226d2a326fa2712c70f01264a9052d35a8ccc8e583520a85ae3dc39

  • SSDEEP

    3072:dBI5ArKGCnhgU1XA+ArXjeaMoh6lgUaVwQ+/76bSSN+PS7VyoCeJ6ik+wZ:dK5ArKjbAxXSaegUqGeGpBohM+w

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks