General

  • Target

    54c0166fd93f96428ba4c9dd2513fd2f

  • Size

    414KB

  • Sample

    240111-2dnqmahffq

  • MD5

    54c0166fd93f96428ba4c9dd2513fd2f

  • SHA1

    d6a65472fdc0ba8d0c086e47a97390d55b39e330

  • SHA256

    cca0cd6e9d5bf2ef48dcecc6f1f0256e73d717b03cd7de7a6f54dfa0e3a79497

  • SHA512

    0f74392a62ae45da6911190e0754e0598c960c7065b6153ba6e0a90c21da888b94374d851fa5304fe1114054bf9d3beb4ba6f98cde8c9bccf01779ed5a703e07

  • SSDEEP

    6144:uxzA9CSCRdJpVp6E2EYdgQKn5c2yx2Ov9PjQQrj/G/+X0l7lBxd1jbrJ1VaYqFFz:uWCRd7ddv/MjQkG/+G7lB7BrJWFJ

Score
7/10

Targets

    • Target

      viploda.jpg.scr

    • Size

      463KB

    • MD5

      cfdd4726e6876dc023c8cca47fb47000

    • SHA1

      9ff53c8720eaa6a8673fcab24e44748121917c12

    • SHA256

      ac9456fd1081cfcb0136f5e9b4cc83e833b3d758a864aa533f4626d13482a4a4

    • SHA512

      3673348231fb1cddafbb33580cd57693e0112d6f1e3e9eb6415b70506d9b4066f05e79ef7fe8ee0e0419920f5635db198ba00ba87be6b36896da9c86b547529b

    • SSDEEP

      12288:3V+mzCIOvveHeBqXg3nX+z5/ZDKYiMvZwmp:38LNHDKgH+zvWYiwZvp

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
