General

  • Target

    b3504be6134d796bcf439a3fb30582a776ea384069ced5aad01072f2543df169

  • Size

    117KB

  • Sample

    221202-wz3tsafd5w

  • MD5

    6329548714007a1e7affcc127d8b67eb

  • SHA1

    11ccb39f0cb9d16fc3e62736c61b347af9346b92

  • SHA256

    b3504be6134d796bcf439a3fb30582a776ea384069ced5aad01072f2543df169

  • SHA512

    b82999a48b6fd577b9ef30aab72575224176f98b61a3e4e7bbb81517c8a8c84de3ec6ded8ea4d1b38b2391f9b3514b2b9452163e7bb5ee663544612ecfde0ce5

  • SSDEEP

    3072:JP7XK4LMisXbktblQ28H/5NFQH5drHd4FZaggrBB:JPOiMioSl5rHdogg4B

Score
8/10

Targets

    • Adds policy Run key to start application

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Drops file in System32 directory
