Overview

overview

8

Static

static

70c9472b12...ca.exe

windows7-x64

8

70c9472b12...ca.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    70c9472b125f4947ab54ad00f34c2159ee5369cbb008bfe4436f9577f82c4bca

  • Size

    364KB

  • Sample

    221125-l4fjyada7t

  • MD5

    ebfcf8c015fe20503aca81f42d42c692

  • SHA1

    98949a83bd2277221fa643933173f338f1ce44f8

  • SHA256

    70c9472b125f4947ab54ad00f34c2159ee5369cbb008bfe4436f9577f82c4bca

  • SHA512

    a9499d8c3715cb387d3cc954b2e2e8f0974b0f63a36c64a2d5559a70f2c7c3c9db225d939ea39a3e98a201feda3ee761be7390518e06f9895f7a6f1c15e17b92

  • SSDEEP

    6144:650tR/5gjbnI3OkLFxD5tKdHDunqIxynuzy0:t/5gjbnI3OkLFxD5tKZDunjxynuz9

Score
8/10
discoveryevasionexploitpersistence

Malware Config

Targets

    • Target

      70c9472b125f4947ab54ad00f34c2159ee5369cbb008bfe4436f9577f82c4bca

    • Size

      364KB

    • MD5

      ebfcf8c015fe20503aca81f42d42c692

    • SHA1

      98949a83bd2277221fa643933173f338f1ce44f8

    • SHA256

      70c9472b125f4947ab54ad00f34c2159ee5369cbb008bfe4436f9577f82c4bca

    • SHA512

      a9499d8c3715cb387d3cc954b2e2e8f0974b0f63a36c64a2d5559a70f2c7c3c9db225d939ea39a3e98a201feda3ee761be7390518e06f9895f7a6f1c15e17b92

    • SSDEEP

      6144:650tR/5gjbnI3OkLFxD5tKdHDunqIxynuzy0:t/5gjbnI3OkLFxD5tKZDunjxynuz9

    Score
    8/10
    discoveryevasionexploitpersistence

    • Disables Task Manager via registry modification

      evasion

    • Possible privilege escalation attempt

      exploit

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks