Resubmissions

16/03/2023, 08:52

230316-ksvdaacc8y 7

General

  • Target

    CISCO MAR -2023.exe

  • Size

    224KB

  • Sample

    230316-ksvdaacc8y

  • MD5

    b6404da30cc21b244a101b0a23a14709

  • SHA1

    2d5ebc54fe027cada7eea7de141349229186df72

  • SHA256

    1bfecb5ea2cf955666f415d4c6a514f7c15b07629feb99caff3a09f94c1cbeb2

  • SHA512

    a7d62064220958d16f0981efa13689333e84d0e054db97a665d0c5e8916b237e05d6476ad1f7280eb4a59be7758f2f4ba4b6fac2d0981ceeb996b08360bf415e

  • SSDEEP

    3072:X3BPXZf7nECworDBqhElSksQ9na/tK88sWR:X3znqksQRa/8vxR

Score
7/10

Targets

    • Target

      CISCO MAR -2023.exe

    • Size

      224KB

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL
