Overview

overview

8

Static

static

1

FileZilla_...up.exe

windows7-x64

4

FileZilla_...up.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    MDE_File_Sample_ca0f79551fd7de4d0daee4e1b082d10cd59d9a23.zip

  • Size

    11.6MB

  • Sample

    230601-xpzvtagc6y

  • MD5

    4a542ed240dcdf884420f9ac6ead8ddb

  • SHA1

    3b1688614ac25610b0b88f401fd1a6a73b91fccf

  • SHA256

    9ace63e29972a6cc648c1b4da3d94fa55760ccca00a1aab310cda1adff5bc9c0

  • SHA512

    2bbfa0695a33d6017ceb3a31793fef90f7c3118959a102a0a3e04a565caa9823cd65742c79b574f62f524cbbfdc7fbe42f41ad5db386596af91319e5aab42ee7

  • SSDEEP

    196608:0+VhVJaCPAQGAWvPoZ9wMBzgdKyJ3ldUCTlydShEDsroAG7Cz9SdxzB/5ATT:HJV9WvQZ9wMBzg3GolKqsbnyQxzB/AT

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      FileZilla_3.64.0_win64_sponsored-setup.exe

    • Size

      11.6MB

    • MD5

      58fcf645b126130b35a5683623d1d5f8

    • SHA1

      ca0f79551fd7de4d0daee4e1b082d10cd59d9a23

    • SHA256

      130adf2c3a50bcf9a463e59c4a4970fa7b76e6df0027cba42323647d5f8e8f82

    • SHA512

      00c624eceace6cb8cd10c0d54b05f110be266056475627799f218ba83faa64dfe20f933d639f9244af35832ad659f532f6fcae151c3938916281e3b016d1ef9e

    • SSDEEP

      196608:JK12OwJLeiAnFIakfh4+uWl3rZJLLdPKDkvr+vmx36h6GkeQ0vJl:JKsvL1FfZuI3dXiDoivmxKrl

    Score
    8/10
    discoverypersistence

    • Creates new service(s)

      persistence

    • Downloads MZ/PE file

    • Drops file in Drivers directory

    • Adds Run key to start application

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks