Overview

overview

7

Static

static

1

Zip/7z2201-x64.exe

windows7-x64

7

Zip/7z2201-x64.exe

windows10-2004-x64

1

Zip/S0ftware-2023.rar

windows7-x64

3

Zip/S0ftware-2023.rar

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Zip.zip

  • Size

    21.5MB

  • Sample

    230221-jrv3raea78

  • MD5

    603443efc11934bc2c7589e7e958a88f

  • SHA1

    dddb109c9913e65cbaa0b58c3cb89bb0349dbc58

  • SHA256

    7bfb457debeaf98049b7eff044aac24fedfe181e09a8d6bb9626723d9ce2ad83

  • SHA512

    42e4ffc61fad2656a9405d8c90b824c62ac8447d8f9a7c1d325dceb3f65a9506e955ed4502ed550cd15c126dbb30604d5132914b8331dee3f4285d1f699339b8

  • SSDEEP

    393216:g01LWpLAc17i4XaRbEXuj/j5R+c/9StwP49HMNBhvCAzdrkDGY6iT4BHVQL:C1OvbEWDVVSKvBRdNb5BHVS

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      Zip/7z2201-x64.exe

    • Size

      1.5MB

    • MD5

      a6a0f7c173094f8dafef996157751ecf

    • SHA1

      c0dcae7c4c80be25661d22400466b4ea074fc580

    • SHA256

      b055fee85472921575071464a97a79540e489c1c3a14b9bdfbdbab60e17f36e4

    • SHA512

      965d43f06d104bf6707513c459f18aaf8b049f4a043643d720b184ed9f1bb6c929309c51c3991d5aaff7b9d87031a7248ee3274896521abe955d0e49f901ac94

    • SSDEEP

      24576:mGIyixBMj+/A2d+UKnvT+LwZWj7iDDVVYrz0rbzGTw3DoA/sk6smE:mGbj+/BpKnvyIxVV/XDoAfmE

    Score
    7/10
    discoverypersistence

    • Loads dropped DLL

    • Registers COM server for autorun

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

    • Target

      Zip/S0ftware-2023.rar

    • Size

      20.0MB

    • MD5

      8fd7325fb9bb7438ef7c4a03ee773ff3

    • SHA1

      ba056d2bf72b75bd3f354aa3aac13741e2faeac0

    • SHA256

      f40319abf90d7f6285508f79f9cd683ed40095d1e92195e17f709645d5f086d3

    • SHA512

      e6132218a3779400e7c7aa53acb2aeae08bdc53409d562e25ed98beccca82aec2a4eb0df16c64d6d31d153c74f3fea51f085f308abeb11dd4718476ce4fc5f16

    • SSDEEP

      393216:rWpLAc17i4XaRbEXuj/j5R+c/9StwP49HMNBhvCAzdrkDGY6iT4BHVQ9:k1OvbEWDVVSKvBRdNb5BHVK

    Score
    3/10
    behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks