General

  • Target

    55bf6f0b904784460ace3956af3f4cade754c346df1a88fd042c29ee57703dd6

  • Size

    25KB

  • Sample

    221107-et4qfsgca8

  • MD5

    130ad847dfebc8dcd876409cb47b7290

  • SHA1

    b19b2537716117063ca17e1018fe5baa69b23112

  • SHA256

    55bf6f0b904784460ace3956af3f4cade754c346df1a88fd042c29ee57703dd6

  • SHA512

    7ed8b9b49f7b05eaed287399a29c3d21ccf7a50090cd8ef56f1ab66cf27ca88b65b8f91fcdc47bbc3316b66052fc966d2818608be541869d92bf00502f1f2e45

  • SSDEEP

    768:iodHq2OnJASJ38/id/wDwlfIMRVz8pUo5xb:nNqrJ/J3vd/wExI0Zpkb

Score
8/10

Targets

    • Target

      55bf6f0b904784460ace3956af3f4cade754c346df1a88fd042c29ee57703dd6

    • Executes dropped EXE

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application
