445a411154d63947e7ec88b7cddf4115b5d6a6d44d75108c0735c3868534018e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

softether-vpnclient-v4.28-9669-beta-2018.09.11-windows-x86_x64-intel.exe
Size

43.0MB
Sample

230614-l5pt1aga9y
MD5

7cc085a1f9a283bf42a43d7ad1e65ffb
SHA1

8b519b0518632f0e5563366d29faf0cf5d918e24
SHA256

445a411154d63947e7ec88b7cddf4115b5d6a6d44d75108c0735c3868534018e
SHA512

774bf306f52d78a29713bbd2dcfaf41aeb12565b98127866ad8a9b00f94f5ec338d9f11beec4ed4f4a20153bb2f5349b232f7a6b481c0f3febe87fd90ce4dd8f
SSDEEP

786432:VM9m9BGsmxPhT9WNKTt7YYhZgoYgQByN3wNZEdgJ7jM52VVGAuEEFHnY:G9m9Asm3TcCtfhZgONMEb2VLuEEF4

Score

5^/10

Malware Config

Targets

- Target
  
  softether-vpnclient-v4.28-9669-beta-2018.09.11-windows-x86_x64-intel.exe
- Size
  
  43.0MB
- MD5
  
  7cc085a1f9a283bf42a43d7ad1e65ffb
- SHA1
  
  8b519b0518632f0e5563366d29faf0cf5d918e24
- SHA256
  
  445a411154d63947e7ec88b7cddf4115b5d6a6d44d75108c0735c3868534018e
- SHA512
  
  774bf306f52d78a29713bbd2dcfaf41aeb12565b98127866ad8a9b00f94f5ec338d9f11beec4ed4f4a20153bb2f5349b232f7a6b481c0f3febe87fd90ce4dd8f
- SSDEEP
  
  786432:VM9m9BGsmxPhT9WNKTt7YYhZgoYgQByN3wNZEdgJ7jM52VVGAuEEFHnY:G9m9Asm3TcCtfhZgONMEb2VLuEEF4
Score

5^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2