Resubmissions

  • 26-10-2023 21:19  231026-z592tsgc71  score 8
  • 26-10-2023 21:13  231026-z27gjahh85  score 8
  • 26-10-2023 21:05  231026-zxldhahh22  score 8

General

  • Target: setup.exe
  • Size: 1006KB
  • Sample: 231026-z27gjahh85
  • MD5: f42a201044931eee29a309600b72d456
  • SHA1: a38c49acdb7c3e0775f2d6dc8b8ea8bd7f32f732
  • SHA256: 55e5131f01e0b4db477326c27139ab59c61f33cceb5de503e874197d23d37ad0
  • SHA512: 53114bf6f50d276b9cf20c67b7044321e64937af327ab67b87f97f10297996a2a4189b8a9c7215b42a4d01a8bbee211680ed111a9d8f12ced136dd774217b858
  • SSDEEP: 12288:T8HjWTxA6M8erwyFeGA8HjWTxA6M8erwyFeGA8HjWTxA6M8erwyFeGA8HjWTxA6H:gK1D9Y7K1D9Y7K1D9Y7K1D9Yg

Score
8/10

Targets

    • setup.exe (1006KB), score 8/10; hashes as listed under General
    • Blocklisted process makes network request

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.
