Overview

overview

8

Static

static

cd6d7aa9a2...97.exe

windows7-x64

8

cd6d7aa9a2...97.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cd6d7aa9a26b392588ba60114d3919de6b417f4f519128429f87a58fe7ebce97

  • Size

    255KB

  • Sample

    221123-sylmbsce75

  • MD5

    7e18139b8f704d76be49863d2c317154

  • SHA1

    4512df294a32a0eeaf8406018b82d5b3bff73e96

  • SHA256

    cd6d7aa9a26b392588ba60114d3919de6b417f4f519128429f87a58fe7ebce97

  • SHA512

    8c501087a7c3b990a89a2b90e39da2374616076c64261139258d1640cc076b14a11a307d97f80b009aa35c6d60bbed98ef46ced97225586d4568cc7f3754281d

  • SSDEEP

    3072:aqqqXBpFauzTayb/mr2XU/MfD2UT63UYWWf4aUtVnlNDSbi1wuq0WAHVBHuTJK5o:aqqqXBpC1s6UPGbK0TJ

Score
8/10
persistence

Malware Config

Targets

    • Target

      cd6d7aa9a26b392588ba60114d3919de6b417f4f519128429f87a58fe7ebce97

    • Size

      255KB

    • MD5

      7e18139b8f704d76be49863d2c317154

    • SHA1

      4512df294a32a0eeaf8406018b82d5b3bff73e96

    • SHA256

      cd6d7aa9a26b392588ba60114d3919de6b417f4f519128429f87a58fe7ebce97

    • SHA512

      8c501087a7c3b990a89a2b90e39da2374616076c64261139258d1640cc076b14a11a307d97f80b009aa35c6d60bbed98ef46ced97225586d4568cc7f3754281d

    • SSDEEP

      3072:aqqqXBpFauzTayb/mr2XU/MfD2UT63UYWWf4aUtVnlNDSbi1wuq0WAHVBHuTJK5o:aqqqXBpC1s6UPGbK0TJ

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks