Overview

overview

8

Static

static

2dc97afe7b...e2.exe

windows7-x64

8

2dc97afe7b...e2.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2dc97afe7b079eb95b9b875ae8d836f8d7140582328e2eed894a410eb67e47e2

  • Size

    1.3MB

  • Sample

    221124-ggfh7sfe8v

  • MD5

    a1bda40c59fd27a982da6e38712d0f0a

  • SHA1

    8b67c4ae2806d9a68a4471687bb05e69a639340a

  • SHA256

    2dc97afe7b079eb95b9b875ae8d836f8d7140582328e2eed894a410eb67e47e2

  • SHA512

    6362eb6e0745ee7d059974d1eadd1ffb31599f43a96cc57bd4c2f285e2db2f0fc28befadb964333cb892325db2314be8689faf62c56273a4590e9e5b2965ca1f

  • SSDEEP

    24576:116ATdlcMtqmaK5T4ddwIetMYVYzgKSzu8eYIIhGlAxhiYtoXFitA4oQu4omQ0:116AplhtZR5CwIjYMzSzu8eYI8GlAxhN

Score
8/10
persistence

Malware Config

Targets

    • Target

      2dc97afe7b079eb95b9b875ae8d836f8d7140582328e2eed894a410eb67e47e2

    • Size

      1.3MB

    • MD5

      a1bda40c59fd27a982da6e38712d0f0a

    • SHA1

      8b67c4ae2806d9a68a4471687bb05e69a639340a

    • SHA256

      2dc97afe7b079eb95b9b875ae8d836f8d7140582328e2eed894a410eb67e47e2

    • SHA512

      6362eb6e0745ee7d059974d1eadd1ffb31599f43a96cc57bd4c2f285e2db2f0fc28befadb964333cb892325db2314be8689faf62c56273a4590e9e5b2965ca1f

    • SSDEEP

      24576:116ATdlcMtqmaK5T4ddwIetMYVYzgKSzu8eYIIhGlAxhiYtoXFitA4oQu4omQ0:116AplhtZR5CwIjYMzSzu8eYI8GlAxhN

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks