General

  • Target

    4d5ca9669c83429ef26b33c50a12e992b8b51bebd45bf567905a2e8eb69b2557

  • Size

    591KB

  • Sample

    230609-cyfhbabd4z

  • MD5

    1eab0178be1feabc5bdfa76c93314092

  • SHA1

    19e4855db4c0e311757c56359a91060efea05426

  • SHA256

    4d5ca9669c83429ef26b33c50a12e992b8b51bebd45bf567905a2e8eb69b2557

  • SHA512

    e4ec631156dbc8445ce2ef4eae6ca60cc50c67477d18f8ae1ffdae4a722d03de3a5cb791f5e45c35d99f91b09c1d1d4a877a0024234b5c828372df39d9f7b731

  • SSDEEP

    12288:4alIKgkcOSQ9TuHtrOrUAhtB0H9L4U1MUQhPK7sQSWe:4GgktPO4rUO094VUQFK7sY

Score
8/10

Malware Config

Targets

    • Target

      4d5ca9669c83429ef26b33c50a12e992b8b51bebd45bf567905a2e8eb69b2557

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • Query Registry (T1012): 3

  • System Information Discovery (T1082): 4

  • Peripheral Device Discovery (T1120): 1

Tasks