fa07cb20796000b002b1b4018bd21c7c664dd1e67b2c927811fb9f11158d9145

Sharing

Copy URL Twitter E-mail

General

Target

Office 2019.zip
Size

12.4MB
Sample

230201-zphyeacb43
MD5

39bd4961fffeed4556602628d858d2f9
SHA1

5d2ca234d2d05017fb37379b7f003853a3428c3a
SHA256

fa07cb20796000b002b1b4018bd21c7c664dd1e67b2c927811fb9f11158d9145
SHA512

4d2827e1c4547f3e59c97dce689c77573dadec21eda1254a91b36690c658849dbde8ce10756af00246dd7852f1e556afe7ba6bbdcba674b5097b05940ef26034
SSDEEP

196608:Fi0DPHn+vZk0S7qBWTLGl1igWuzKf6Nof3iF0Le0Uos3jHOktmbl9oP8payOXDy1:nHn+hkgBWTLc195i6NnCXwz8pab+y8L

Score

8^/10

upx

Malware Config

Targets

- Target
  
  Office 2013-2019 C2R Install v6.4.4/OInstall.exe
- Size
  
  9.5MB
- MD5
  
  f71556138c9eb716330063156db4a6bc
- SHA1
  
  bd91945d407cbeee830c15280c8324459f0ff61a
- SHA256
  
  41ff83c380b958e918c4061c02a6077590d7630a01d7f2f0f448dc1a6fbf284a
- SHA512
  
  259642e8b2398122f00b031f6af4e79a2cea0831b4ef00c0f118f1fd28d32c92122a118921ce2af915f141273a2774ccf9abdfdc596175ac3c190e8f891c139e
- SSDEEP
  
  196608:vp1crEM65aqMLvUcm+oz3BkeBTAUW24t13Dr7m0mitn2xe7gXQZ+3jeRBTfYNCH1:hurEzabjm+4keB0vt1Dr7m0mc2xe7gAN
Score

8^/10

upx
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  Office 2013-2019 C2R Install v6.4.4/files/setup.exe
- Size
  
  4.8MB
- MD5
  
  d4a7c7c3c92c4e9bc9bdee1c660e60db
- SHA1
  
  505c2d09923f957f6894f15fa2fd13615de6f4d1
- SHA256
  
  b95ac36a49e79c3e63e23eca86eac3d22acd80363d0f0aa83ba7ee7799acf2a5
- SHA512
  
  50fef647df8a13bc25b2cf5fab995664404953e3385ae0eafea6939c1587743014c0a1d277bc5b4cbad2a56bde92a3854f51cd1dcf7de710f219d15ebe141fbb
- SSDEEP
  
  98304:a0Ocn0xMTpKZKzRm0fxK2I94pXGOU8yhq5utbATwY2hlO:a0lKuppfs4pVU1t0TWl
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral3 behavioral4
- Target
  
  Office 2013-2019 C2R Install v6.4.4/files/x64/cleanospp.exe
- Size
  
  19KB
- MD5
  
  162ab955cb2f002a73c1530aa796477f
- SHA1
  
  d30a0e4e5911d3ca705617d17225372731c770e2
- SHA256
  
  5ce462e5f34065fc878362ba58617fab28c22d631b9d836dddcf43fb1ad4de6e
- SHA512
  
  e0288dcf78092449d9cbaef4488041131925387c1aedc9e9512da0f66efe2fb68350ca3937f6715834e62e7c931c5dad0fc8bc3c6c0c3daedeff356d6feaac2e
- SSDEEP
  
  384:gQAInWKpEFFzpjq37oIOU6GHq33QPiu431VP:gxWTpOFagUb2qiu43P
Score

1^/10
behavioral5 behavioral6
- Target
  
  Office 2013-2019 C2R Install v6.4.4/files/x64/msvcr100.dll
- Size
  
  809KB
- MD5
  
  df3ca8d16bded6a54977b30e66864d33
- SHA1
  
  b7b9349b33230c5b80886f5c1f0a42848661c883
- SHA256
  
  1d1a1ae540ba132f998d60d3622f0297b6e86ae399332c3b47462d7c0f560a36
- SHA512
  
  951b2f67c2f2ef1cfcd4b43bd3ee0e486cdba7d04b4ea7259df0e4b3112e360aefb8dcd058becccacd99aca7f56d4f9bd211075bd16b28c2661d562e50b423f0
- SSDEEP
  
  12288:3gzGPEett9Mw9HfBCddjMb2NQVmTW752fmyyKWeHQGokozS:QzJetPMw9HfBCrMb2Kc6ymyyKWewGzUS
Score

3^/10
behavioral7 behavioral8
- Target
  
  Office 2013-2019 C2R Install v6.4.4/files/x86/cleanospp.exe
- Size
  
  17KB
- MD5
  
  5fd363d52d04ac200cd24f3bcc903200
- SHA1
  
  39ed8659e7ca16aaccb86def94ce6cec4c847dd6
- SHA256
  
  3fdefe2ad092a9a7fe0edf0ac4dc2de7e5b9ce6a0804f6511c06564194966cf9
- SHA512
  
  f8ea73b0cb0a90fac6032a54028c60119022173334e68db3fbd63fe173032dd3fc3b438678064edb8c63d4eceaa72990ce039819df3d547d7d7627ad2eee36b3
- SSDEEP
  
  192:Xdaz2FKIaphXuVX3uKny+gASTGWyQG0eJIL+uVl9tUDY5Kajjtl9w++zOzrPwaur:NbFuUOvAiG0gIVDKDYgmh02HPwzi3An
Score

1^/10
behavioral10 behavioral9
- Target
  
  Office 2013-2019 C2R Install v6.4.4/files/x86/msvcr100.dll
- Size
  
  755KB
- MD5
  
  bf38660a9125935658cfa3e53fdc7d65
- SHA1
  
  0b51fb415ec89848f339f8989d323bea722bfd70
- SHA256
  
  60c06e0fa4449314da3a0a87c1a9d9577df99226f943637e06f61188e5862efa
- SHA512
  
  25f521ffe25a950d0f1a4de63b04cb62e2a3b0e72e7405799586913208bf8f8fa52aa34e96a9cc6ee47afcd41870f3aa0cd8289c53461d1b6e792d19b750c9a1
- SSDEEP
  
  12288:yMmCy3nAgPAxN9ueqix/HEmxsvGrif8ZSy+rdQw2QRAtd74/vmYK6H3BV0eAI:dmCy3KxW3ixPEmxsvGrm8Z6r+JQPzV4I
Score

3^/10
behavioral11 behavioral12

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

UPX packed file

Checks computer location settings

Checks computer location settings

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12