General

  • Target

    58cbe9a20b53d89afaf40c0ef190b033

  • Size

    527KB

  • Sample

    240113-nggvlaaaa3

  • MD5

    58cbe9a20b53d89afaf40c0ef190b033

  • SHA1

    4f9fbde2fc0c8b414507f5c564f609890f3b1716

  • SHA256

    210f98b944421ed95d192ff591c5eb4992760bd7112674c78851f6ae286f20ab

  • SHA512

    97363820fb6adffe9046cd36689d65be2065afedd7178e0b3acf4d059e080b4c0592f6ceb08749eeb82e88fb07ba6a7f8ef6bcc134d204c2094d12d2759c7143

  • SSDEEP

    6144:6ZOYqQOHwd4Z6aeUT75+niG7sPFpWmU0rLHKQMNbuHy6BEXb3zXBJXtPP5kU4n3U:6ZGQKZ7r1y7kr2xNBtfftPmUEs+zC

Score
8/10

Targets

    • Disables Task Manager via registry modification

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
