Overview

overview

7

Static

static

Presentation.lnk

windows7-x64

3

Presentation.lnk

windows10-2004-x64

7

boardsailing.dll

windows7-x64

3

boardsailing.dll

windows10-2004-x64

3

twogee.bat

windows7-x64

1

twogee.bat

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Downloads.7z

  • Size

    134KB

  • Sample

    221206-vf74qaaa8x

  • MD5

    400f6752217c079af4786135ef716cf6

  • SHA1

    eab45d760dd242aa8d4f77c16981010b7d441641

  • SHA256

    ccbcde2e129c52025b7682182a8587311f50e0bfbad19c4bf7e434769414620b

  • SHA512

    a6d4caf881f19ee8d3e5da46eaa10e545cd7f06c3ab8b9d655758c91069736d4d120a7f1987cf937b6f03b0b121c3806aa2def0cce5e393c750ee965d9875964

  • SSDEEP

    3072:az09RaBdA6UURa9SJZ07pY+MHWcBCFqMzunO7dyaZRdS:kkRrNUcicpY+mvS2OhyapS

Score
7/10

Malware Config

Targets

    • Target

      Presentation.lnk

    • Size

      1KB

    • MD5

      92d5be8e2f7c109131ea21a5944ef46d

    • SHA1

      bac2be8ade36745dd587420be630e2b410a6cb48

    • SHA256

      412e89581dcf55fd6a2c26fb1dbafca0e7f9cd5d214d9420415114f4667ab83f

    • SHA512

      c717f9048573e9d6e62ae1154e8eb879aeac1c819ca1796bab2eeaaca9d4ca3c03498cde98ffeec7b57e7d5643ff5e9a5a75c1c0332354bb85d3555ba83d7e71

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

    • Target

      boardsailing.dll

    • Size

      269KB

    • MD5

      c764812746c3803750c85f670ceb7296

    • SHA1

      cbb8852f9743a6b2698e56d0099e07e8d56dfa21

    • SHA256

      e31ce5e572f9bf121326d8e4ea93c288f009a11dd5d75c043d5648f5ca7d001c

    • SHA512

      34fb5b19c8df385164846cecb08921b84df329443d5e7ab441635a7e449a9a19f466ab432c76e69972a95ee0e43fd4315366db3a6feb4e350f3d0367499b45e1

    • SSDEEP

      6144:dTHJ5BU2WigC+/NZy40onB114x2N8IcuzE7LZ:5DB0igC+/NHB11S2i7d

    Score
    3/10
    behavioral3behavioral4

    • Target

      twogee.bat

    • Size

      1KB

    • MD5

      8ff5fec6eb6663ced3441b2106aed8d2

    • SHA1

      9a495e1971810d70f3fd6e6d928ca1559a8b685e

    • SHA256

      7a989ad4f2f3a0861f48903b005c8dea0c7f5f8e6850c2223ada308da807a585

    • SHA512

      c094337dcc66b66d31de3693bdadc47de9b36859d26117c305b5216c0cb2852e610b00ca67258ae8489f47807c2189a379f0eaab9c9e6c52bd7c286a42a90a63

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v6

Tasks