Resubmissions

02/07/2023, 09:04    230702-k1y2facb9x    7

02/07/2023, 08:58    230702-kw5y7abb23    7

General

  • Target

    StartSetup_20221.exe

  • Size

    18.4MB

  • Sample

    230702-kw5y7abb23

  • MD5

    75940e4f81cb53b42a360a99b8e3d28d

  • SHA1

    99c645179e44bfa80114055ce4268e7ed1f34d7b

  • SHA256

    96fa171c087fcbac6811c01f023e88d4eee8ccc16a1ed29f4ad364785666b671

  • SHA512

    e115e632749498f6a3de7b3b2062bd0fab81a6fb19c652c0ccd53d8809804122d1a19e57da1d68945c0d3ddbcfc8354eedb4e2d64c8844f1b13b913b0cbab908

  • SSDEEP

    393216:gbKii/SuEdN3EZIMGQosDeM4yTpEFgG7DrhtIQ:gWB/LWMCkSFgG7D1tL

Malware Config

Targets

    • Target

      StartSetup_20221.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.
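
The three registry-based signatures above (location check, COM server registration, installed-software enumeration) can be reproduced as detection logic over registry-access telemetry. The following is an added example, not part of the sandbox report or its signature engine: it runs a small rule set over constructed Procmon-style events (process, operation, path). The registry paths for the country code (HKCU\Control Panel\International\Geo\Nation, sCountry, iCountry) and for the Uninstall hives are the standard Windows locations; the assumption that "Registers COM server for autorun" corresponds to writes under CLSID\{...}\InprocServer32 or LocalServer32, the threshold of two Uninstall subkeys, and the sample events and CLSID are all constructed for the example.

```python
import re
from collections import defaultdict

# Constructed Procmon-style registry events: (process, operation, path).
# These are illustrative, not events captured from the sample in the report.
SAMPLE_EVENTS = [
    ("StartSetup_20221.exe", "RegQueryValue",
     r"HKCU\Control Panel\International\Geo\Nation"),
    ("StartSetup_20221.exe", "RegQueryValue",
     r"HKCU\Control Panel\International\sCountry"),
    ("StartSetup_20221.exe", "RegOpenKey",
     r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
    ("StartSetup_20221.exe", "RegQueryValue",
     r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName"),
    ("StartSetup_20221.exe", "RegQueryValue",
     r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
     r"\{26A24AE4-039D-4CA4-87B4-2F32180105F0}\DisplayName"),
    ("StartSetup_20221.exe", "RegQueryValue",
     r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"
     r"\Google Chrome\DisplayName"),
    # Constructed CLSID; binding a CLSID to a server path is the assumed trigger.
    ("StartSetup_20221.exe", "RegSetValue",
     r"HKLM\SOFTWARE\Classes\CLSID\{11111111-2222-3333-4444-555555555555}"
     r"\InprocServer32\(Default)"),
    # Benign noise: a date-format value and a single Uninstall lookup should not fire.
    ("explorer.exe", "RegQueryValue",
     r"HKCU\Control Panel\International\sShortDate"),
    ("explorer.exe", "RegQueryValue",
     r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName"),
]

# Values that reveal the configured country (Geo\Nation holds the Windows GeoID).
GEO_RE = re.compile(
    r"\\Control Panel\\International\\(Geo\\Nation|sCountry|iCountry|LocaleName)$",
    re.I)
# Per-application subkey under any Uninstall hive (native or WOW6432Node).
UNINSTALL_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)", re.I)
# Assumed COM-autorun indicator: a write binding a CLSID to an in-proc or local server.
COM_SERVER_RE = re.compile(
    r"\\Classes\\CLSID\\\{[0-9A-F-]{36}\}\\(InprocServer32|LocalServer32)", re.I)


def classify(events, uninstall_threshold=2):
    """Map each process to the set of report-style signature names its events trigger.

    A single Uninstall lookup is common in benign code, so the installed-software
    signature only fires once a process has touched `uninstall_threshold` distinct
    application subkeys (threshold is an assumption for this example).
    """
    hits = defaultdict(set)
    uninstall_subkeys = defaultdict(set)
    for proc, op, path in events:
        if op.startswith("RegQuery") and GEO_RE.search(path):
            hits[proc].add("Checks computer location settings")
        m = UNINSTALL_RE.search(path)
        if m:
            uninstall_subkeys[proc].add(m.group(1).lower())
        if op == "RegSetValue" and COM_SERVER_RE.search(path):
            hits[proc].add("Registers COM server for autorun")
    for proc, keys in uninstall_subkeys.items():
        if len(keys) >= uninstall_threshold:
            hits[proc].add("Checks installed software on the system")
    return dict(hits)


if __name__ == "__main__":
    for proc, sigs in classify(SAMPLE_EVENTS).items():
        print(proc)
        for sig in sorted(sigs):
            print("  -", sig)
```

Feeding real Procmon or Sysmon (Event ID 12/13) registry events into `classify` in the same tuple shape turns the report's signature names into a first-pass triage filter; tune the Uninstall threshold against a baseline of legitimate installers before relying on it, since they enumerate the same keys.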

MITRE ATT&CK Enterprise v6
