Overview

overview

8

Static

static

1

clash-of-c...81.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    clash-of-clans-1.0.12067.123-installer_U9-aR81.exe

  • Size

    1.7MB

  • Sample

    230403-la2v3sfc6w

  • MD5

    8c5ce85a467924e907c46dee684dee58

  • SHA1

    5eeaf6c2228f808a5dc40d7b6340cedc3a002e75

  • SHA256

    66ffa7f958b2dc966dd9f2359d4254c58f798a4a5e9e549adbd8a1cfdbedc73e

  • SHA512

    529c6a7917b58fa40567ff6185bc10bb61fc6f0bbc564805e318fb5f3038fc79091103b7d25b4edc8cdbe5953be6d97d5cd7319fcf688c8a3c9668429af3170d

  • SSDEEP

    24576:D7FUDowAyrTVE3U5Fmr9PamvXdPaJPfrT90eKc4cgFLNPfs8duMpmsDck:DBuZrEU0vNwPH9RHgFLRdp/3

Score
8/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      clash-of-clans-1.0.12067.123-installer_U9-aR81.exe

    • Size

      1.7MB

    • MD5

      8c5ce85a467924e907c46dee684dee58

    • SHA1

      5eeaf6c2228f808a5dc40d7b6340cedc3a002e75

    • SHA256

      66ffa7f958b2dc966dd9f2359d4254c58f798a4a5e9e549adbd8a1cfdbedc73e

    • SHA512

      529c6a7917b58fa40567ff6185bc10bb61fc6f0bbc564805e318fb5f3038fc79091103b7d25b4edc8cdbe5953be6d97d5cd7319fcf688c8a3c9668429af3170d

    • SSDEEP

      24576:D7FUDowAyrTVE3U5Fmr9PamvXdPaJPfrT90eKc4cgFLNPfs8duMpmsDck:DBuZrEU0vNwPH9RHgFLRdp/3

    Score
    8/10
    bootkitdiscoverypersistence

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks