General

  • Target

    18a3e3b3af00e93deaf4b5e4ff28ab85

  • Size

    316KB

  • Sample

    231230-prfkysbef3

  • MD5

    18a3e3b3af00e93deaf4b5e4ff28ab85

  • SHA1

    0d981677062a756edc8925d5f7ef9671577f718c

  • SHA256

    ec9e93ecd6bee5f1a95cddc12702a0503d23da5cfcb31e784f84c1a157f44bdb

  • SHA512

    7e7a82aa3d6e306527359acd2d387dd9f91635749bdb5244f71e07ace371e588fa84893e26c613f6c49184870c39d188ed709bfc0939d9f8cecba41e8f55eb0e

  • SSDEEP

    6144:2SLvf3f/IM9bdP4RiR0zvj+T2GD8GFfpQAB:2SLf3IqPciR0618GFf7

Score
7/10

Malware Config

Targets

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix (ATT&CK v13)

  Tactic                Technique                      Count  ID
  Execution             Scheduled Task/Job             1      T1053
  Persistence           Scheduled Task/Job             1      T1053
  Privilege Escalation  Scheduled Task/Job             1      T1053
  Discovery             Query Registry                 1      T1012
  Discovery             System Information Discovery   2      T1082
  Command and Control   Web Service                    1      T1102

Tasks