Overview

overview

6

Static

static

1

SlackSetup.exe

windows7-x64

4

SlackSetup.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

  • Target

    SlackSetup.exe

  • Size

    123.4MB

  • Sample

    240213-q44c8abd6w

  • MD5

    8a247c636ace3a2ebbab51b9fb693175

  • SHA1

    dc72cb66a79f29313370f33adcc8f3934239ed54

  • SHA256

    7f1f0afb813260a6a2ddc92a22f74df38becfedd467759e6da406139d90e0929

  • SHA512

    37b91d97199b713669a55f003f5e2ed6dece193c7204b7c41a4cd3242f3eaf6c33ca1e559e715c5d415a052952468d9ead0cad69edfcef6c43851138ea96ef08

  • SSDEEP

    3145728:YI09YaQ5PCAhIAiWvroMEmdSUXEvYpKi5jL+G5c:X0WFCA0MDRHAi5jL+Q

Score
6/10
discoverypersistence

Malware Config

Targets

    • Target

      SlackSetup.exe

    • Size

      123.4MB

    • MD5

      8a247c636ace3a2ebbab51b9fb693175

    • SHA1

      dc72cb66a79f29313370f33adcc8f3934239ed54

    • SHA256

      7f1f0afb813260a6a2ddc92a22f74df38becfedd467759e6da406139d90e0929

    • SHA512

      37b91d97199b713669a55f003f5e2ed6dece193c7204b7c41a4cd3242f3eaf6c33ca1e559e715c5d415a052952468d9ead0cad69edfcef6c43851138ea96ef08

    • SSDEEP

      3145728:YI09YaQ5PCAhIAiWvroMEmdSUXEvYpKi5jL+G5c:X0WFCA0MDRHAi5jL+Q

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks