Overview

overview

10

Static

static

SOA.exe

windows7-x64

10

SOA.exe

windows10-2004-x64

10

Resubmissions

06-01-2023 00:39

230106-aztefsdg69 10

06-01-2023 00:31

230106-at5kjadg59 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SOA.exe

  • Size

    1.1MB

  • Sample

    230106-at5kjadg59

  • MD5

    f890903c9b2fa054a4b22b4240870db2

  • SHA1

    06ed4e7131287fcf01e49834180567daf9a13240

  • SHA256

    a0c77b9f372d94ae8cbc32b27d319491cb65001b12963bc68b96b8caaf10dfa0

  • SHA512

    b230749492b8d3ceb0824badc423c163c706df0c464849950523f2bedefa2ed7f50de83ee403611f1c5559f154f0fed7335310d23233701625de65bc09b9e883

  • SSDEEP

    12288:xJEPCBEYJmzdicP0bYzJfKMVvS1yIuDBXolPu3fgzHIGEoTCqEUbeSh39W+ll8nO:rCJRVXbe8REgRJrn85cMNd

Score
10/10
collectionevasionpersistencetrojan

Malware Config

Targets

    • Target

      SOA.exe

    • Size

      1.1MB

    • MD5

      f890903c9b2fa054a4b22b4240870db2

    • SHA1

      06ed4e7131287fcf01e49834180567daf9a13240

    • SHA256

      a0c77b9f372d94ae8cbc32b27d319491cb65001b12963bc68b96b8caaf10dfa0

    • SHA512

      b230749492b8d3ceb0824badc423c163c706df0c464849950523f2bedefa2ed7f50de83ee403611f1c5559f154f0fed7335310d23233701625de65bc09b9e883

    • SSDEEP

      12288:xJEPCBEYJmzdicP0bYzJfKMVvS1yIuDBXolPu3fgzHIGEoTCqEUbeSh39W+ll8nO:rCJRVXbe8REgRJrn85cMNd

    Score
    10/10
    collectionevasionpersistencetrojan

    • UAC bypass

      evasiontrojan

    • Windows security bypass

      evasiontrojan

    • Sets service image path in registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Windows security modification

      evasiontrojan

    • Accesses Microsoft Outlook profiles

      collection

    • Checks whether UAC is enabled

      evasiontrojan

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks