Overview

overview

8

Static

static

536728268d...f6.exe

windows7-x64

8

536728268d...f6.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    536728268dec3e0c6f9cb5b9e5608edb8e95b4cf49b1274548fe70847fda26f6

  • Size

    12KB

  • Sample

    221202-15e25ada7w

  • MD5

    8f16a230d010688fecc77071c74ec58c

  • SHA1

    7635cb8595fb683cbac9e628cb7cfba547ed07df

  • SHA256

    536728268dec3e0c6f9cb5b9e5608edb8e95b4cf49b1274548fe70847fda26f6

  • SHA512

    2c140e19d2d7cb55e0447f92cfb80fb179f195129c588536a424a42e3601c040a390bb8b3ac874f28ea3879abbd45c2fae60de04add47a0a33191786ae9b0cc0

  • SSDEEP

    96:Z1HVrwV2EAV2EhwQ+cdv7lvQcy2oFQ0EL0NMQNMwX839bLJSqPD06RbhoYEt8H2P:Q2B2dcdF9PHTHlelsccLISNbV+7l

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      536728268dec3e0c6f9cb5b9e5608edb8e95b4cf49b1274548fe70847fda26f6

    • Size

      12KB

    • MD5

      8f16a230d010688fecc77071c74ec58c

    • SHA1

      7635cb8595fb683cbac9e628cb7cfba547ed07df

    • SHA256

      536728268dec3e0c6f9cb5b9e5608edb8e95b4cf49b1274548fe70847fda26f6

    • SHA512

      2c140e19d2d7cb55e0447f92cfb80fb179f195129c588536a424a42e3601c040a390bb8b3ac874f28ea3879abbd45c2fae60de04add47a0a33191786ae9b0cc0

    • SSDEEP

      96:Z1HVrwV2EAV2EhwQ+cdv7lvQcy2oFQ0EL0NMQNMwX839bLJSqPD06RbhoYEt8H2P:Q2B2dcdF9PHTHlelsccLISNbV+7l

    Score
    8/10
    evasionpersistence

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks