Overview

overview

8

Static

static

cfe7870278...e3.exe

windows7-x64

8

cfe7870278...e3.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cfe78702781aad83f03ac8d4c475561f990e4b33a4688301f3c2d729a8f6fbe3

  • Size

    507KB

  • Sample

    221201-ljqt6sac3y

  • MD5

    aa644e4ba71f99c7ab5d622a26f95d73

  • SHA1

    857d5aed4e0db38460bb27a99dcd0ed602ae5d91

  • SHA256

    cfe78702781aad83f03ac8d4c475561f990e4b33a4688301f3c2d729a8f6fbe3

  • SHA512

    ab3a4d387a92c61731317394bdb8c14ce5160e6211ab892f30973ab28d8198102da8de37fa6283492b4adfa495bb108de032c540d546e195da67102d9e1800e5

  • SSDEEP

    6144:PUrqA3AheuswyPnsfbRoTUvF8GBKcBfq2qJYCh5Flpo/u:PUWA3AheuswyU5vaGLf7qJb7po/u

Score
8/10
persistence

Malware Config

Targets

    • Target

      cfe78702781aad83f03ac8d4c475561f990e4b33a4688301f3c2d729a8f6fbe3

    • Size

      507KB

    • MD5

      aa644e4ba71f99c7ab5d622a26f95d73

    • SHA1

      857d5aed4e0db38460bb27a99dcd0ed602ae5d91

    • SHA256

      cfe78702781aad83f03ac8d4c475561f990e4b33a4688301f3c2d729a8f6fbe3

    • SHA512

      ab3a4d387a92c61731317394bdb8c14ce5160e6211ab892f30973ab28d8198102da8de37fa6283492b4adfa495bb108de032c540d546e195da67102d9e1800e5

    • SSDEEP

      6144:PUrqA3AheuswyPnsfbRoTUvF8GBKcBfq2qJYCh5Flpo/u:PUWA3AheuswyU5vaGLf7qJb7po/u

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks