General

  • Target

    cf73338e10c9a2e314963409241a7a3595b5e21a982b5de92ea8c808609234f5

  • Size

    160KB

  • Sample

    221202-18pezadd5x

  • MD5

    9b3f6acf3d79db09c1252aeabfd72318

  • SHA1

    cd3de7e47c3469354af34cf96ecbbe0633f66aeb

  • SHA256

    cf73338e10c9a2e314963409241a7a3595b5e21a982b5de92ea8c808609234f5

  • SHA512

    c2722a62692a79344bc9b6482460b46475b5780482577077426ffd3b749b7c840389efa89f49801462dd0bb4409a0ae60828cb466729f6e5bca327b77dd601f0

  • SSDEEP

    3072:UzNWMKKRZYchObK91C8sV6Xmoo4LEpYU4JkYpmU13OfsG7Rg4NC+rt:UZuuObR8sVImcyYU4JdmW+0IqGt

Score
8/10

Targets

    • Target

      cf73338e10c9a2e314963409241a7a3595b5e21a982b5de92ea8c808609234f5

    Score
    8/10
    • Executes dropped EXE

    • Sets DLL path for service in the registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops file in System32 directory
