General

  • Target

    5c48416137b42e268fa414ca3e5223f0

  • Size

    4.2MB

  • Sample

    240115-gepdbsbdc6

  • MD5

    5c48416137b42e268fa414ca3e5223f0

  • SHA1

    b4479ec4a7c02bff1f9f1431edb38cebc1ac1092

  • SHA256

    545973de41aaeec424949975a6477ec58259be8c5d4b41ab57a9f5184cd367db

  • SHA512

    c17b53a35d6f802ae5044b966567177dd8c9dde9b3e64656b90280071cc06228f75fd77e96caad023049070a07948e9983664b2113ae3a8c84bcdb8069e34f6d

  • SSDEEP

    98304:1eMwdPjC59yJ7dECQ4J1rRf9n96EXKoIrDuL1H8d:rmPjSUf9n97XKCa

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry (T1012)

    1

  • System Information Discovery (T1082)

    2

Tasks