8d64bca51aa15a63b75251877b9e89825408baaf414dd7095bc0517861ace91b

Resubmissions

21/09/2023, 13:08

230921-qdam8agb61 7

21/09/2023, 12:59

230921-p8h3eagb3y 7

Sharing

Copy URL Twitter E-mail

General

Target

Setup_77247.zip
Size

16.6MB
Sample

230921-qdam8agb61
MD5

72e075f5ebcde15d0b421ddb997d72c1
SHA1

4f330f0fed09f30a44abedb56083435104dfb195
SHA256

8d64bca51aa15a63b75251877b9e89825408baaf414dd7095bc0517861ace91b
SHA512

aeea1357d9cd546380c3d30914a5e547d7f63cd8763a7a3899bf858bb25aa083b2772a54fd95a343be31e00507be9e9392845e184e37e3e112e1dddd3ff893d6
SSDEEP

393216:KlxfxYq52AlgYeJ86QpTILwFLCWGqbnhtBFih:AXBAmpUkFPVbnhtPu

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  Install_0023.exe
- Size
  
  18.8MB
- MD5
  
  658789b3ffd40c753a16e5c031c2565e
- SHA1
  
  b65e261c26926e51e83924d32a0769da90dbeff6
- SHA256
  
  206e86c561096b7b5143a40c1ee5c690f52ea6b52d159f3a4c205d0268fbd568
- SHA512
  
  63f8db42dd817064f9ebd1fdf14f7180b3d8e2a6b83c5e5ebfcb8a047f627312303d56b4cbc185157a20eb8ad0b982d2826a203aed56624d5211d38bf24032f7
- SSDEEP
  
  393216:vbTFNeAzQYkfasSd74vafHgwMUV/zJTRyP:zTFUkdMCvvPV/zJF4
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Registers COM server for autorun

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2