General

  • Target

    server.exe

  • Size

    1.4MB

  • Sample

    240106-pdmgcagabn

  • MD5

    badc8cbde455d9b56fbe91c28f986ba3

  • SHA1

    7fe5d8b6c33a37d02decea07f6ce3a880f659ac1

  • SHA256

    d2a44fcb2c471c4e1c8ef74dc87dcade91c0d04d9b23d557b2a3d2ffd0202d27

  • SHA512

    47c33947a18c5b7c62f880eecb1ed795c4ab72166afdc3347570b796731b3002eb424c8c0fc346477a53cb077e04658340eaedc9292941a0cfc9bcdcf8806893

  • SSDEEP

    24576:oxLsMs8WdUS88xLsMs8WdUS88TsQfxLsMs8WdUS8ysxLsMs8WdUS82lQTTXZ:MsldsAsldss9sldsyQslds2liTJ

Score
7/10

Malware Config

Targets

    • Target

      server.exe

    • Size

      1.4MB

    • MD5

      badc8cbde455d9b56fbe91c28f986ba3

    • SHA1

      7fe5d8b6c33a37d02decea07f6ce3a880f659ac1

    • SHA256

      d2a44fcb2c471c4e1c8ef74dc87dcade91c0d04d9b23d557b2a3d2ffd0202d27

    • SHA512

      47c33947a18c5b7c62f880eecb1ed795c4ab72166afdc3347570b796731b3002eb424c8c0fc346477a53cb077e04658340eaedc9292941a0cfc9bcdcf8806893

    • SSDEEP

      24576:oxLsMs8WdUS88xLsMs8WdUS88TsQfxLsMs8WdUS8ysxLsMs8WdUS82lQTTXZ:MsldsAsldss9sldsyQslds2liTJ

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence (the sample decides whether to run based on the machine's configured location).

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
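    The three host-based signatures above can be reproduced from sandbox telemetry: a registry read of a locale/GeoID value, and a file the sample writes that is later started as a process or mapped as a module. The Python below is an added example, not the sandbox's own signature code. The event format (JSON lines with pid/op/path fields), the registry paths checked and the log itself are constructed assumptions, not telemetry from this sample; the network-based "Legitimate hosting services" signature is not modelled because the report lists no network indicators.

```python
"""Behavioural signatures of the kind listed in this report, re-implemented
over constructed sandbox events.

Added example, not the sandbox's own signature code. The event format
(JSON lines with pid/op/path) and the constructed log below are assumptions.
"""
import json

# Registry values whose reads indicate a country/locale lookup. These are
# real Windows paths; which one the sample actually read is not in the report.
LOCATION_KEY_SUFFIXES = (
    r"\control panel\international\geo\nation",          # GeoID (country)
    r"\control panel\international\locale",              # user locale
    r"\system\currentcontrolset\control\nls\language",   # system language
)

# Constructed sandbox log (not real telemetry from the sample): the root
# process reads the country GeoID, drops an EXE and a DLL into %TEMP%, runs
# the EXE, and the child loads the DLL. kernel32.dll is loaded but was never
# written by the sample, so it must not count as a dropped DLL. PID 4321 is
# an unrelated process on the VM and must not be attributed to the sample.
SAMPLE_LOG = r"""
{"pid": 1234, "op": "process_start", "path": "C:\\Users\\admin\\Desktop\\server.exe"}
{"pid": 1234, "op": "reg_query", "path": "HKCU\\Control Panel\\International\\Geo\\Nation"}
{"pid": 1234, "op": "file_write", "path": "C:\\Users\\admin\\AppData\\Local\\Temp\\svc.exe"}
{"pid": 1234, "op": "file_write", "path": "C:\\Users\\admin\\AppData\\Local\\Temp\\helper.dll"}
{"pid": 1234, "op": "process_create", "path": "C:\\Users\\admin\\AppData\\Local\\Temp\\svc.exe", "child_pid": 1300}
{"pid": 1300, "op": "image_load", "path": "C:\\Windows\\System32\\kernel32.dll"}
{"pid": 1300, "op": "image_load", "path": "C:\\Users\\admin\\AppData\\Local\\Temp\\helper.dll"}
{"pid": 4321, "op": "file_write", "path": "C:\\Users\\admin\\AppData\\Local\\Temp\\unrelated.dll"}
{"pid": 4321, "op": "image_load", "path": "C:\\Users\\admin\\AppData\\Local\\Temp\\unrelated.dll"}
"""


def parse_events(text):
    """Parse JSON-lines sandbox output, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def sample_tree(events):
    """Collect the PIDs of the analysed sample and everything it spawned.

    Events from other processes on the sandbox VM are ignored so that a
    coincidental write+load by another program is not attributed to the sample.
    """
    pids = {ev["pid"] for ev in events if ev["op"] == "process_start"}
    for ev in events:  # events are assumed to be in chronological order
        if ev["op"] == "process_create" and ev["pid"] in pids:
            pids.add(ev["child_pid"])
    return pids


def checks_location_settings(events):
    """'Checks computer location settings': registry reads of locale/GeoID values."""
    return [ev["path"] for ev in events
            if ev["op"] == "reg_query"
            and ev["path"].lower().endswith(LOCATION_KEY_SUFFIXES)]


def dropped_then_used(events, use_op):
    """Files the sample wrote and afterwards used via `use_op`.

    use_op="process_create" gives 'Executes dropped EXE';
    use_op="image_load" gives 'Loads dropped DLL'.
    Order matters: a module loaded before any write to its path is pre-existing.
    """
    dropped, hits = set(), []
    for ev in events:
        path = ev["path"].lower()
        if ev["op"] == "file_write":
            dropped.add(path)
        elif ev["op"] == use_op and path in dropped:
            hits.append(ev["path"])
    return hits


def evaluate(events):
    """Return {signature name: evidence} for every signature that fired."""
    tree = sample_tree(events)
    scoped = [ev for ev in events if ev["pid"] in tree]
    results = {
        "Checks computer location settings": checks_location_settings(scoped),
        "Executes dropped EXE": dropped_then_used(scoped, "process_create"),
        "Loads dropped DLL": dropped_then_used(scoped, "image_load"),
    }
    return {name: evidence for name, evidence in results.items() if evidence}


if __name__ == "__main__":
    for name, evidence in evaluate(parse_events(SAMPLE_LOG)).items():
        print(f"{name}: {', '.join(evidence)}")
```

    Two details carry most of the value: the write-before-use ordering keeps pre-existing system DLLs out of the "dropped" set, and scoping to the sample's process tree stops an unrelated program's own write-and-load from being counted against the sample. A geofence signature on its own is only a hint; to confirm the behaviour, rerun the sample with a different GeoID and compare the execution paths.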

MITRE ATT&CK Enterprise v15

Tasks