General

  • Target

    e98d69e2b3d58229bbbd4e70c0ce00aa90323c4ea58010c2ff608c2110d0938c

  • Size

    540KB

  • Sample

    221107-eradtsgag6

  • MD5

    0fca660f094b1fc1bd60daf36a63b5e0

  • SHA1

    e47843179f04ff9aaf36f91958a3c69b1dfd345e

  • SHA256

    e98d69e2b3d58229bbbd4e70c0ce00aa90323c4ea58010c2ff608c2110d0938c

  • SHA512

    816cc1a14c1593f108791928a64d1ee2f2b42ac09e05bc4d09c1ad5811ce235db304934f19c1b2543a3accd7603f6830a0580c719bc66bc2a42167d7a9405ae6

  • SSDEEP

    12288:T7LOs/hT/uvnuVggFEKZWIT6FiVq1DAzZUOa:T/Osl2magFEKMIT6CyoUB

Malware Config

Targets

    • Executes dropped EXE

    • Registers COM server for autorun

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v6

Tasks