Overview

overview

8

Static

static

MicroSIP-3.21.3.exe

windows10-1703-x64

8

MicroSIP-3.21.3.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    MicroSIP-3.21.3.exe

  • Size

    8.4MB

  • Sample

    221123-sr3bhafb7w

  • MD5

    349388dcd0d7fe5788fadc507e24ec67

  • SHA1

    6040763487840999b962f78555e07aee4dbe47a9

  • SHA256

    1b88f9245d7d9af58c189290ba3a1722afb506d2853c9a329186568df3a62961

  • SHA512

    9861acb60712c2b2c8320e00cd3b241b6eb92d80e0f0ae06603aeda3ae3747495fc0c404b52daec1d0c66cb79f9ff7acd54a66a8b4818124cd68933b2736b8e5

  • SSDEEP

    196608:pn/1btqdYfCY80dP8jY+Q5p8LdMXpsEw9yCl6ilU:d/Nt4YfCYLujY+Ip8mXpsvyCMuU

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      MicroSIP-3.21.3.exe

    • Size

      8.4MB

    • MD5

      349388dcd0d7fe5788fadc507e24ec67

    • SHA1

      6040763487840999b962f78555e07aee4dbe47a9

    • SHA256

      1b88f9245d7d9af58c189290ba3a1722afb506d2853c9a329186568df3a62961

    • SHA512

      9861acb60712c2b2c8320e00cd3b241b6eb92d80e0f0ae06603aeda3ae3747495fc0c404b52daec1d0c66cb79f9ff7acd54a66a8b4818124cd68933b2736b8e5

    • SSDEEP

      196608:pn/1btqdYfCY80dP8jY+Q5p8LdMXpsEw9yCl6ilU:d/Nt4YfCYLujY+Ip8mXpsvyCMuU

    Score
    8/10
    discoverypersistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks