General

  • Target

    IMP-MMO-0208.exe

  • Size

    346KB

  • Sample

    231128-j3dmvagc96

  • MD5

    0d6f9bf68f8ddb1be846dfe11dafa819

  • SHA1

    a7e4ab95599e17b43571bc21cd98e0b350dc2c59

  • SHA256

    df7104bd49961e1ae6e3741221e0cb3b5a8744f945533060910a076fe1aadf66

  • SHA512

    bce42022878f77a25342bad3228bf913ba69d1bad09c243f070b19abcf998f44eb37459fc969c657e5d3246923106d546bba16854055ad2180bec120dee7cadb

  • SSDEEP

    6144:qBlL/e2xIR8lf98JrWKq/BViyyAt7lKmeiUC8zhoSSMidXI8sSVHkvD8:Q0EfirXqRgZiSS14lSBkQ

Score
7/10

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
