General

  • Target

    712805a7852cda5ae9a433c13aab17c1

  • Size

    3.1MB

  • Sample

    240124-chcrgsfffl

  • MD5

    712805a7852cda5ae9a433c13aab17c1

  • SHA1

    3010f96ee9e545f01903ab1a117a1c705021ffff

  • SHA256

    7d99b67304773d0c3c52a472c7469333fcfab81bcbfb5013ac5c7b826342e37a

  • SHA512

    910a699fe19a8b2847a52735d41eeca03ce9b118aff0f3fa369006c18553f1991c676ad24ee44fe8a56ebb8ac354aba3f1a080665f2466faff83224655883128

  • SSDEEP

    24576:ruRcKvWLVblQVxgfm0pB6Umenrp6+QzoTvbrTF5NfGWicfi:DkperpEIPTF5NfGW

Score
10/10

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

http://rtopotr.com/inst.php?id=02909

Targets

    • Target

      712805a7852cda5ae9a433c13aab17c1

    Score
    10/10
    • Modifies WinLogon for persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
