Overview

overview

8

Static

static

1

eed4947a4c...65.exe

windows7-x64

8

eed4947a4c...65.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eed4947a4cbd5cf6b1f1604653cddd762465f173aef58b0468ce272620cf9d65

  • Size

    106KB

  • Sample

    221123-m7bktsbb6s

  • MD5

    a0974ea17ffaa8e07539747bb13d4c11

  • SHA1

    a4b049de6ea000dbc638a71682728429300726b6

  • SHA256

    eed4947a4cbd5cf6b1f1604653cddd762465f173aef58b0468ce272620cf9d65

  • SHA512

    5bb7ceb6afe7545c5473c7468eeaf1b7107888b14cf37e2b70aa22c2e6bced436837a3c145f92edc2e081b7c83d9a8d8dea5a1b0e99cc7e058478b3c8c671e7f

  • SSDEEP

    3072:xZMJnTeM4cJJoGILa77j2NZmOSyt+DDMuzWtVhUxxb:/eTeM/sGILI8Z2yQ/MGWcxp

Score
8/10
persistence

Malware Config

Targets

    • Target

      eed4947a4cbd5cf6b1f1604653cddd762465f173aef58b0468ce272620cf9d65

    • Size

      106KB

    • MD5

      a0974ea17ffaa8e07539747bb13d4c11

    • SHA1

      a4b049de6ea000dbc638a71682728429300726b6

    • SHA256

      eed4947a4cbd5cf6b1f1604653cddd762465f173aef58b0468ce272620cf9d65

    • SHA512

      5bb7ceb6afe7545c5473c7468eeaf1b7107888b14cf37e2b70aa22c2e6bced436837a3c145f92edc2e081b7c83d9a8d8dea5a1b0e99cc7e058478b3c8c671e7f

    • SSDEEP

      3072:xZMJnTeM4cJJoGILa77j2NZmOSyt+DDMuzWtVhUxxb:/eTeM/sGILI8Z2yQ/MGWcxp

    Score
    8/10
    persistence

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Registers COM server for autorun

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks