General

  • Target

    4597f7460bb5a8bb2b90191c6d08a35cbc0ceb77bd1fb5193083848d43cc88f2

  • Size

    250KB

  • Sample

    221107-e3zsvsgfb6

  • MD5

    0840bb99276fddc94a08a7beef9e0729

  • SHA1

    8332ab4c073e37a5c835e91933c8188d57956118

  • SHA256

    4597f7460bb5a8bb2b90191c6d08a35cbc0ceb77bd1fb5193083848d43cc88f2

  • SHA512

    600dbd792ec1fd251b425463be6bfa8900fc938ddaaefa2633e20d6c4d1fa44264c5dd62a73e4adc7db85f286bd4dd419d7f2f48fd84365af8a443144a044b49

  • SSDEEP

    6144:AfizLw9ZmdoFD+sZktrOEz2jCNdgt9LhRKS+OI3apFQi2aP/dhaki:sIwfPYtrJ6jCro9LXP+d3iFQi5P/dhaZ

Score
8/10

Targets

    • Adds policy Run key to start application

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Drops file in System32 directory
