General

  • Target

    a0e42a07aaf5eb2ed1d53a44b931c9e13af1ed07b50643e949b639b4543becf3

  • Size

    254KB

  • Sample

    221205-mnm5hsbd34

  • MD5

    154af659dd1cf366188f827bbb1edd1c

  • SHA1

    5c16bbec4249247f9f4379828137352695eedb4e

  • SHA256

    a0e42a07aaf5eb2ed1d53a44b931c9e13af1ed07b50643e949b639b4543becf3

  • SHA512

    5b350326a7cc2df3bb020ed13eff720a15ef7d2d2b58868131d9f1821c51c917a23199c20d4525383e42fd277e57ca1fe9fd353568769c0219775e9c7db0d93f

  • SSDEEP

    6144:7EsIr3bBPmQjbH0fk6Z5LATKyLmjU+2gDJ:7lIrbI0TL6ZJAnWbJDJ

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Sets file execution options in registry

      Writes under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options (IFEO), a key commonly abused to hijack or block other executables.

    • Checks computer location settings

      Looks up the country code (GeoID) configured in the registry, likely used as a geofence to avoid running in certain regions.

    • Loads dropped DLL

    • Adds Run key to start application

      Persistence via a value under Software\Microsoft\Windows\CurrentVersion\Run in HKCU or HKLM.

    • Checks for any installed AV software in registry

      Queries registry keys that identify installed security products, a common pre-execution evasion check.

    • Suspicious use of SetThreadContext

      Typically seen alongside a suspended child process and WriteProcessMemory in process hollowing or code injection.
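The signature list above is what the sandbox derived from the sample's registry, file, process and API activity. To show how such rules map onto raw events, the following is an added example (not part of this report and not the sandbox's own rule engine): a small matcher that re-derives the same seven signature names from a constructed event trace. The registry locations (IFEO, the Run key, the Geo\Nation value, the Security Center key) are real Windows paths; the file names, values and the AV-key pattern list are assumptions made for the example.

```python
"""Re-derive the report's behavioural signatures from a sandbox-style event trace.

Added example: not the report's data and not the sandbox's rule engine. The
event records in SAMPLE_EVENTS are CONSTRUCTED; file names and values are
invented, the registry paths are genuine Windows locations.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    kind: str        # "file", "process", "registry", "api"
    op: str          # "write", "create", "set", "query", "load", "call"
    target: str      # file path, registry path or API name
    detail: str = "" # value written / extra context (informational only)


# Real registry locations the rules key on (compared case-insensitively).
IFEO = r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options"
RUN_KEY = "\\microsoft\\windows\\currentversion\\run\\"   # hive-agnostic; excludes RunOnce
GEO_NATION = r"HKCU\Control Panel\International\Geo\Nation"
# Illustrative substrings for "installed AV" lookups (assumption: a real rule set is longer).
AV_KEY_PATTERNS = ("\\microsoft\\security center", "\\avast software", "\\kaspersky lab", "\\eset\\")

# Constructed trace (hypothetical paths/values) that exercises every rule once.
SAMPLE_EVENTS = [
    Event("file", "write", r"C:\Users\user\AppData\Local\Temp\upd.exe"),
    Event("process", "create", r"C:\Users\user\AppData\Local\Temp\upd.exe"),
    Event("registry", "set", IFEO + r"\taskmgr.exe\Debugger", "upd.exe"),
    Event("registry", "query", GEO_NATION),
    Event("file", "write", r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    Event("api", "load", r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    Event("registry", "set", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
          r"C:\Users\user\AppData\Local\Temp\upd.exe"),
    Event("registry", "query", r"HKLM\SOFTWARE\Microsoft\Security Center\Provider\Av"),
    Event("api", "call", "SetThreadContext", "target=upd.exe (suspended child)"),
]


def _dropped_then(events, ext, later_ops):
    """True if a file with extension `ext` is written and the same path is later
    executed/loaded (one of `later_ops`). Order matters: a file that is only
    executed, or executed before being written, does not count as 'dropped'."""
    dropped = {}
    for i, e in enumerate(events):
        if e.kind == "file" and e.op == "write" and e.target.lower().endswith(ext):
            dropped.setdefault(e.target.lower(), i)
    for i, e in enumerate(events):
        if (e.kind, e.op) in later_ops:
            first_write = dropped.get(e.target.lower())
            if first_write is not None and first_write < i:
                return True
    return False


def match_signatures(events):
    """Return the signature names (in the report's order) triggered by `events`."""
    reg = [e for e in events if e.kind == "registry"]

    def reg_any(op, pred):
        return any(e.op == op and pred(e.target.lower()) for e in reg)

    hits = []
    if _dropped_then(events, ".exe", {("process", "create")}):
        hits.append("Executes dropped EXE")
    if reg_any("set", lambda t: t.startswith(IFEO.lower())):
        hits.append("Sets file execution options in registry")
    if reg_any("query", lambda t: t == GEO_NATION.lower()):
        hits.append("Checks computer location settings")
    if _dropped_then(events, ".dll", {("api", "load")}):
        hits.append("Loads dropped DLL")
    if reg_any("set", lambda t: RUN_KEY in t):
        hits.append("Adds Run key to start application")
    if reg_any("query", lambda t: any(p in t for p in AV_KEY_PATTERNS)):
        hits.append("Checks for any installed AV software in registry")
    if any(e.kind == "api" and e.op == "call" and e.target == "SetThreadContext" for e in events):
        hits.append("Suspicious use of SetThreadContext")
    return hits


if __name__ == "__main__":
    for name in match_signatures(SAMPLE_EVENTS):
        print("•", name)
```

The two "dropped" rules are order-sensitive on purpose: an executable that was merely run, or a DLL loaded before any write to that path, is not evidence of a drop-and-execute chain, which is why a sandbox rule of this kind needs the full trace rather than a set of observed paths. The RunOnce key is deliberately excluded by the trailing backslash in RUN_KEY so that the matcher reports only what the page's signature names.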

MITRE ATT&CK Enterprise v6

Tasks