General

  • Target

    b2cd7adad16447a9887db379a499bd32d0fc39d18b90c213ca3e2798ed3b7cd7

  • Size

    200KB

  • Sample

    221121-k9zz4agd6v

  • MD5

    0a61b7b1f70d609f70161f4dce53d290

  • SHA1

    a4b6610df7e4c92ea8777df610d85b593dafc7f8

  • SHA256

    b2cd7adad16447a9887db379a499bd32d0fc39d18b90c213ca3e2798ed3b7cd7

  • SHA512

    ae9bc96b9c61fe7c9ea8fbc703e2227cc76599ec0cb5753b4be9d7915f6d553f21eea9abc14e55a2266f0df58db4ac6fdccc2bced659c4eb0ddeb3afbad3d17c

  • SSDEEP

    3072:9BI5ArKGCnhgU1XA+ArXjeaMoh6lgUaVwQ+/76bSSN+PS7VyoCeJ6ikanHul3vfS:9K5ArKjbAxXSaegUqGeGpBohMmH

Score
8/10

Malware Config

Targets

    • Target

      b2cd7adad16447a9887db379a499bd32d0fc39d18b90c213ca3e2798ed3b7cd7

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
