General

  • Target: Eka2DPeli.exe
  • Size: 142KB
  • Sample: 231011-r2vhzafe93
  • MD5: c942cdbc8da5c9739c5c017ce8499d86
  • SHA1: f09f39aa6eba96208472c629812bb67c90e4b3a6
  • SHA256: 0439df1087ebaafb113630b9cb02ae1fcd61066612648d92893fb8378fd2f1ce
  • SHA512: 530e8facc73814ecd0e39e7b5dc523c472370462906887caaddfe4e499afbc0f6c0160155a8e6e01e0596377127568a40a4220fd3751c95a9231cbf98f59a457
  • SSDEEP: 3072:S6C/mA8i1vh/JOLgv1iwVe1UhL5/HvrLzP4VOcd5AE:Spdrvhhzv1te1Uh1f7O

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks