General

  • Target

    f1bbc6281d383ba2445d99eb73c61784dd80dcce0e1a757e64ad98b31017dbd4

  • Size

    103KB

  • Sample

    221205-gwqygscd23

  • MD5

    1c2504342bae83ad3b3117a1bb006d49

  • SHA1

    6474f12b70b3e1600d87aee579ffff85b58ffa50

  • SHA256

    f1bbc6281d383ba2445d99eb73c61784dd80dcce0e1a757e64ad98b31017dbd4

  • SHA512

    aff53cbac6d7fdf214aee85fb215f06aef688dd121523ac56eb0b42b32924d11d2503881947d88a48150a3e0abac33c194ff8cee76170964eb7b74aeccc7f307

  • SSDEEP

    3072:RPdr+jYj8SjylT4IX3bzJ+Dhf7fx933ppD3m:tMcj8SI4Dfv35c

Score
8/10

Targets

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
