General

  • Target

    SecuriteInfo.com.Trojan.Win64.Alien.bzz.5417.18070.exe

  • Size

    12KB

  • Sample

    231011-sz53csgb7t

  • MD5

    b9339d13abe7e19f0281b026c3ac0c9e

  • SHA1

    d841ff776679436d136c01b3f4dc7b555e8db715

  • SHA256

    167c0455c2aa485fc50e6062d10629ca84ae9af29296ccd5da60e4c66e6bbbe1

  • SHA512

    d409250b158704db614bdabb1b00c8b2a0e8df074faf5b95d3ab64b3c0b44219b79b7bd11508806f01a676269094c0c9d21f330b1641ca2815bc398a97867e49

  • SSDEEP

    192:uU5z9iLjq2pJk+/qcJklyJOEdTLsWGQwrgAh:3z9AbJH/IwJOsc/QwrgC

Score
10/10

Malware Config

Targets

    • Target

      SecuriteInfo.com.Trojan.Win64.Alien.bzz.5417.18070.exe

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL
