73bf12bc7899244509130edfd84c146d3b0f77a69550ef4ff34d6f51966f79d3

Resubmissions

26-04-2023 21:52

230426-1q5n8sdh2t 8

26-04-2023 21:16

26-04-2023 20:50

26-04-2023 20:46

26-04-2023 04:32

26-04-2023 04:29

Sharing

Copy URL

Twitter E-mail

General

Target

dezz.exe
Size

365B
Sample

230426-zkfx9adf3v
MD5

21579951a326c9dc08a51fe364344914
SHA1

7981c5d563ef63956259016174fb5f023e0d8604
SHA256

73bf12bc7899244509130edfd84c146d3b0f77a69550ef4ff34d6f51966f79d3
SHA512

db2bb92685631ed125a7ace9795e346b52c72bec778716d8dbaa4f1f39011f79eebe9497393fde7b2eb7a5321534bde7a88164dc6ca6de3ecf889c3367f74fee

Score

7^/10

Malware Config

Targets

- Target
  
  dezz.exe
- Size
  
  365B
- MD5
  
  21579951a326c9dc08a51fe364344914
- SHA1
  
  7981c5d563ef63956259016174fb5f023e0d8604
- SHA256
  
  73bf12bc7899244509130edfd84c146d3b0f77a69550ef4ff34d6f51966f79d3
- SHA512
  
  db2bb92685631ed125a7ace9795e346b52c72bec778716d8dbaa4f1f39011f79eebe9497393fde7b2eb7a5321534bde7a88164dc6ca6de3ecf889c3367f74fee
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Registers COM server for autorun
  persistence
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks system information in the registry
  System information is often read in order to detect sandboxing environments.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

T1042

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Modifies system executable filetype association

Registers COM server for autorun

Adds Run key to start application

Checks installed software on the system

Checks system information in the registry

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3