General

  • Target

    xx.exe

  • Size

    3MB

  • Sample

    230320-fx5mlaea5s

  • MD5

    50298c571eeb5d3c9dbb5945f5692d2d

  • SHA1

    82817defaabee93a9d15c78e763137c4c2d1dcb4

  • SHA256

    6ae296e1d6faefa0851a7f40736d4404409eb1fa3e2b884664a1cc6f1107bb47

  • SHA512

    8a953c3c14c30532cfad0f5c83cd3f267d0625dc333d3510647e3ab82c0ad7c27fe1548ea75975be8f28e64a1c3104c7729858a31fbed9c24957a15d56a44f3b

  • SSDEEP

    49152:53wqqmcOSW0FONVReXFYYjSpHl9r9zzoMr6YNDsxmDb7S1xR+VXHxasznBKWKv:53wqZDjcL8rf6YNoxmDbm1xR

Score
8/10

Malware Config

Targets

    • Target

      xx.exe

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • Query Registry (T1012): 3

  • System Information Discovery (T1082): 4

  • Peripheral Device Discovery (T1120): 1

Tasks