General

  • Target

    21de28db3ad1a8f37c75daf03be5e6c4d706b8ab3afa8392d49c6d59ac092ae7

  • Size

    25KB

  • Sample

    221128-d5fmbsbh67

  • MD5

    57c678211dda0d349e2d9d2a25116a19

  • SHA1

    77971234309f22074587833f1284bb4dc66923a4

  • SHA256

    21de28db3ad1a8f37c75daf03be5e6c4d706b8ab3afa8392d49c6d59ac092ae7

  • SHA512

    c83b19fd53177e43d4f69c7a7a6d55bdd9220034ec46eebf732b1e34271e0af6f608509931440c1ade08816b1919e4ca57328acccc2c5ce1fd2d71e6f31f7c51

  • SSDEEP

    384:hUmKnSZYRuVh7f0EYw+BrkylhOLX4+l6BU0NTy93SKUW:9uSZwuLD0xw3qOLo/lTyM7W

Score
8/10

Malware Config

Targets

    Score
    8/10

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Discovery

    • Query Registry

      T1012 (1)

    • System Information Discovery

      T1082 (2)

Tasks