Resubmissions

15/09/2023, 16:13

230915-tn9rvadd6v 6

15/09/2023, 15:58

230915-tewhvsgb73 6

General

  • Target

    ZoomInstallerFull.exe

  • Size

    69.5MB

  • Sample

    230915-tn9rvadd6v

  • MD5

    39695f91ebef3eb60c31e402568994a9

  • SHA1

    20812e9610b50548d379c2bceb2b09f005e2678f

  • SHA256

    731b998955a07f49705a15524a29c69723b1ce085adb93e39fda51832be51010

  • SHA512

    ac99b05abc6371ac5f2f4ef125345074d4971b82943a8aec84af120d38b70e359bd0953c74b424a0d1d29e7d12ca35415bcfc1ac1c3d74c63b9af36c01d3ab10

  • SSDEEP

    1572864:vABGScWxck9LnR+EwwAHxa0rUtV1P8tb5D6pRMSK7IoNleQdHVPZXeTamkX:vazcGJ0EwfHPrUNuJcw7fNfFfXeTM

Malware Config

Targets

    • Target

      ZoomInstallerFull.exe

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks