General

  • Target

    bf197c7a8f4c75122d35fea04ed9eb7ba59d34f5a9dcfff2a1f98c5eeeb5fb3c

  • Size

    451KB

  • Sample

    221123-aes8ysdg28

  • MD5

    c10e6df6488b413f264e96b628a1b1ee

  • SHA1

    65f368d406b874e1f1d9a4bffc38a9969bc9c413

  • SHA256

    bf197c7a8f4c75122d35fea04ed9eb7ba59d34f5a9dcfff2a1f98c5eeeb5fb3c

  • SHA512

    ed20ab6e0432c3657cebe2e49892481b61be11b2db171e3e22bcf55a959c6c4178e04f5af8a9abae5de65bfe95d0c5de17ea886710ea8b646679d0dcb5c2fed6

  • SSDEEP

    12288:pK2mhAMJ/cPlFhaVqrZAcxGBu/WdyQuIk:I2O/GlFYYAIGBu+g

Score
10/10

Malware Config

Targets

    • Detected phishing page

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks