Overview

overview

7

Static

static

3

IMG001.scr

windows7-x64

7

IMG001.scr

windows10-2004-x64

7

information.vbe

windows7-x64

3

information.vbe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    info.zip

  • Size

    3.4MB

  • Sample

    230620-ttm52ada45

  • MD5

    cbcb58ffe45c202c11bcf2070496aed6

  • SHA1

    b47d1618177b6bc219b8734cd02f9cf7be7aff43

  • SHA256

    7126b9932dc0cdfe751340edfa7c4a14b69262eb1afd0530e6d1fdb2e25986dd

  • SHA512

    97115e8faf2a0554d899f05931d29a99a500ff849d0f3fbf5ab5d36387b8938288e25804b8ef0b031a18ae04fd23e52959737f7b94a369e2fa55922861ef506d

  • SSDEEP

    98304:SyrPvG3UNpYqQLpXhHHeanDebmPL+okjWa1lu/:SyrPO3UDsdXp+z8+FWyE

Score
7/10
persistence

Malware Config

Targets

    • Target

      IMG001.scr

    • Size

      3.4MB

    • MD5

      fbbcf1e9501234d6661a0c9ae6dc01c9

    • SHA1

      1ca9759a324159f331e79ea6871ad62040521b41

    • SHA256

      d9901b16a93aad709947524379d572a7a7bf8e2741e27a1112c95977d4a6ea8c

    • SHA512

      027e5ea6d92955b87439f61704de5b3e21c7a8e0a95327868951968e4f5cbed59cf1e803ac9adb2c9cf577db7a2f6fd4383b7384d57a78596cfb2ff020907140

    • SSDEEP

      98304:M5VPnq1y5tQOM33ZNqCtBixHl54Oyjes1Ro6:2VPq1yLanrqTr43eON

    Score
    7/10
    persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

    • Target

      information.vbe

    • Size

      1KB

    • MD5

      e9ffdb716af3d355b25096a8ed4de8ef

    • SHA1

      66e2b15ba4dbfa127c3ec86abce666870a4a168a

    • SHA256

      30daba44a4a25ff5750508613f897057a55337458f19b562e2ed1172c77e626b

    • SHA512

      f157dc99dfd4c1bec37deba85ed5250f70e169ab2d21b2c75d7d94b4463608c3c74ed9ab773e1359735cb95cb1f38333887d3c8e65c80c0cdfeee8bcb0d019f3

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral3behavioral4

MITRE ATT&CK Enterprise v6

Tasks