General

  • Target

    cf7581c8c12ae17c97beb2d44455466474ed2172a42223023071dd169cbc7198

  • Size

    468KB

  • Sample

    221205-gnsgcafg7w

  • MD5

    7e325b8578dd3cd2b714fee3aab0cbce

  • SHA1

    dccccab48f7cf620d2366f0a936d1e6b6c913e37

  • SHA256

    cf7581c8c12ae17c97beb2d44455466474ed2172a42223023071dd169cbc7198

  • SHA512

    42b2bceb1d9d38f8902099436c0079155b9454dc002ec0a3828d3b212b16029ba6fd22537e73fe81d6b17c658a5991cd3c03fd41f0fb416de34a58259a4fb885

  • SSDEEP

    6144:aR6gh7WNA/MlIeurGbCs++RafNlUwjOTcOggNxDlrsGwFahOtnHk6SVC+HiT5CHE:1m7ZSes++sVlUdrdEwsHk6h+HM6UTx8y

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Modifies Installed Components in the registry

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks