Overview

overview

8

Static

static

1

Install-Go...ta.exe

windows7-x64

8

Install-Go...ta.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    Install-GooglePlayGames-Beta.exe

  • Size

    1.3MB

  • Sample

    230718-t6thkscc84

  • MD5

    a0fd3f9ada04cb31b070a19e61053a74

  • SHA1

    7e098172e9389040f8ffb716edc158dcf9b08338

  • SHA256

    55708b4005092406b249a449e860135a408775ba5a90d71ead7650fdd73137fb

  • SHA512

    c21de4ba3f094a0b13e28694d7248f4eeb28dcd77fdc5de2535c04c71c47f83b3d68514b0bbe854dec02448e8baf28ca2d96a73367dba1812b559538053a80b3

  • SSDEEP

    24576:uJvKAN7MDBVaEJT84t6ve/K03KzStZdnQYwHFeP8x7PQhdrQdE2ttC:KKe7OVje7ve/HxQYwlWa7S4tC

Score
8/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      Install-GooglePlayGames-Beta.exe

    • Size

      1.3MB

    • MD5

      a0fd3f9ada04cb31b070a19e61053a74

    • SHA1

      7e098172e9389040f8ffb716edc158dcf9b08338

    • SHA256

      55708b4005092406b249a449e860135a408775ba5a90d71ead7650fdd73137fb

    • SHA512

      c21de4ba3f094a0b13e28694d7248f4eeb28dcd77fdc5de2535c04c71c47f83b3d68514b0bbe854dec02448e8baf28ca2d96a73367dba1812b559538053a80b3

    • SSDEEP

      24576:uJvKAN7MDBVaEJT84t6ve/K03KzStZdnQYwHFeP8x7PQhdrQdE2ttC:KKe7OVje7ve/HxQYwlWa7S4tC

    Score
    8/10
    persistencediscoveryevasion

    • Downloads MZ/PE file

    • Modifies Windows Firewall

      evasion

    • Sets file execution options in registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks