General

  • Target

    1425dcfbe06fa76c7b1e491e4573afedd2a867e50650b9ad70e90ae872024821

  • Size

    24KB

  • Sample

    221123-mqp2wseg33

  • MD5

    a4ddc53c7de5a32c39cd1f516124a8d4

  • SHA1

    9a7895d14e80d9c551f2e1d781a62a5a18053d4c

  • SHA256

    1425dcfbe06fa76c7b1e491e4573afedd2a867e50650b9ad70e90ae872024821

  • SHA512

    8c4393278e1dba723ba8126a65e6838db5a7cc44d641490c665cf90efd0a512aef1b0ce1bf42677a2e42ab2e996f4dd46b29c4f075a4f231ea6a860df4fb3f87

  • SSDEEP

    192:eWpYS3ZLKARp/7BByQlBzEVZWwONAD+/Fo4SXTjaTmCTmKxiP1oynp/V+dDvmQkW:ecZLpJBEQyrOy+do4kfaqCKT1AfU

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Install Root Certificate, T1130 (1)

  • Modify Registry, T1112 (1)

Discovery

  • Query Registry, T1012 (1)

  • System Information Discovery, T1082 (2)
