Overview

overview

8

Static

static

c03b34fc27...92.exe

windows7-x64

8

c03b34fc27...92.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c03b34fc27465c8792100644aed3211ae28025fbf106b5a26753f1ed3269ca92

  • Size

    2.6MB

  • Sample

    221124-yjyk8shh8y

  • MD5

    7648846df72d835112bcd047ea02b694

  • SHA1

    bc72344d96a5bb37f7a58fbad6dd8ca3e2c585d5

  • SHA256

    c03b34fc27465c8792100644aed3211ae28025fbf106b5a26753f1ed3269ca92

  • SHA512

    5a6d744a658ac01b919a8a6725a5b30339949bcd753d2824f12583514cf2caa93132debf6169ba6cb18efdb45ad08a99e4d42936903a87f7b2ec3bfb59ef0fcc

  • SSDEEP

    49152:x00WC6D14V2udOmEGz2wzdqMAtpmDv3HWlJg7ygO5Dbs7:x01KRoGz2wxqMAtcv32l7BQ

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      c03b34fc27465c8792100644aed3211ae28025fbf106b5a26753f1ed3269ca92

    • Size

      2.6MB

    • MD5

      7648846df72d835112bcd047ea02b694

    • SHA1

      bc72344d96a5bb37f7a58fbad6dd8ca3e2c585d5

    • SHA256

      c03b34fc27465c8792100644aed3211ae28025fbf106b5a26753f1ed3269ca92

    • SHA512

      5a6d744a658ac01b919a8a6725a5b30339949bcd753d2824f12583514cf2caa93132debf6169ba6cb18efdb45ad08a99e4d42936903a87f7b2ec3bfb59ef0fcc

    • SSDEEP

      49152:x00WC6D14V2udOmEGz2wzdqMAtpmDv3HWlJg7ygO5Dbs7:x01KRoGz2wxqMAtcv32l7BQ

    Score
    8/10
    evasionpersistence

    • Executes dropped EXE

    • Modifies Windows Firewall

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks