Overview

overview

8

Static

static

719f4f63b6...38.exe

windows7-x64

8

719f4f63b6...38.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    719f4f63b6a39719f535b0e9e84dc65d21c8a253eb07c1e4137c43c944497038

  • Size

    104KB

  • Sample

    221123-xq6dzsag4v

  • MD5

    6e5f035ac8a5f1b79ccb48be4cd4fbcb

  • SHA1

    293691c1c372f071d4706d9fe32d7b5d5e049a69

  • SHA256

    719f4f63b6a39719f535b0e9e84dc65d21c8a253eb07c1e4137c43c944497038

  • SHA512

    74acebae8f018905a32a64a11b5065cb44febbca7ec7be5155519340de38c4d467560d50c564a6c618d92b9a3c4785496980f5d1bd74e621fcab1c8d07b4fd87

  • SSDEEP

    3072:VK0rfqc5lNsJjelRLONsoBbwAX9bRwAX9:VLrCkNsVQgsm5Xb5X

Score
8/10

Malware Config

Targets

    • Target

      719f4f63b6a39719f535b0e9e84dc65d21c8a253eb07c1e4137c43c944497038

    • Size

      104KB

    • MD5

      6e5f035ac8a5f1b79ccb48be4cd4fbcb

    • SHA1

      293691c1c372f071d4706d9fe32d7b5d5e049a69

    • SHA256

      719f4f63b6a39719f535b0e9e84dc65d21c8a253eb07c1e4137c43c944497038

    • SHA512

      74acebae8f018905a32a64a11b5065cb44febbca7ec7be5155519340de38c4d467560d50c564a6c618d92b9a3c4785496980f5d1bd74e621fcab1c8d07b4fd87

    • SSDEEP

      3072:VK0rfqc5lNsJjelRLONsoBbwAX9bRwAX9:VLrCkNsVQgsm5Xb5X

    Score
    8/10

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

4
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks