General

  • Target

    TokenGen.exe

  • Size

    8.4MB

  • Sample

    240223-p2mr1sga5t

  • MD5

    6ab683496d974568e89cacbc75e8f911

  • SHA1

    9422365d1bdef1232f79ae92897589250a65735b

  • SHA256

    2c77f01d2d3d4e3f32e25437d8afc259e3c5f9e8f40fb8d7688637b11649b682

  • SHA512

    446348fdba1fb4c28e36edac99c6bc1e13eb2af482499ada21030d425e730051a26e8c2ea1d01822bfb596802be489160b8dc52906e86ec7bf2c3b37a63bcdd0

  • SSDEEP

    196608:Ye4IHXzkneX38DXDQ9/tbYPvbJQlHHO2SvJ37n8CS79JjXSKn:9Hy0MDTQ9/kJQlnEc9RC
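
Before doing anything with a copy of this sample, confirm that the file on disk produces the digests listed above; a truncated download or a renamed sibling build is easy to mistake for the reported file. The following is an added example, not part of the sandbox report: it reads the file once, feeding every chunk to all four hashers, compares the result with the reported values, and first checks that each reported value has the right hexadecimal length for its algorithm (a common copy-paste failure). The SSDEEP value needs the external ssdeep library and is not computed here.

```python
import hashlib
from typing import Dict, Iterable, Mapping

# Digests the sandbox reported for TokenGen.exe, copied from the report above.
REPORTED_TOKENGEN_EXE = {
    "md5": "6ab683496d974568e89cacbc75e8f911",
    "sha1": "9422365d1bdef1232f79ae92897589250a65735b",
    "sha256": "2c77f01d2d3d4e3f32e25437d8afc259e3c5f9e8f40fb8d7688637b11649b682",
    "sha512": "446348fdba1fb4c28e36edac99c6bc1e13eb2af482499ada21030d425e730051"
              "a26e8c2ea1d01822bfb596802be489160b8dc52906e86ec7bf2c3b37a63bcdd0",
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def validate_expected(expected: Mapping[str, str]) -> Dict[str, str]:
    """Return {algorithm: problem} for every reported value that is not hex of the
    right length for its algorithm. An empty dict means the values are well formed;
    run this before trusting any comparison so a truncated value cannot masquerade
    as a genuine mismatch."""
    problems: Dict[str, str] = {}
    for name, value in expected.items():
        want = hashlib.new(name).digest_size * 2
        if len(value) != want:
            problems[name] = f"expected {want} hex chars, got {len(value)}"
        elif any(c not in "0123456789abcdefABCDEF" for c in value):
            problems[name] = "not hexadecimal"
    return problems


def digest_chunks(chunks: Iterable[bytes], algorithms=ALGORITHMS) -> Dict[str, str]:
    """Feed each chunk to every hasher, so an 8 MB sample is read a single time."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data: bytes, algorithms=ALGORITHMS) -> Dict[str, str]:
    return digest_chunks([data], algorithms)


def digest_file(path: str, algorithms=ALGORITHMS, chunk_size: int = 1 << 20) -> Dict[str, str]:
    with open(path, "rb") as fh:
        return digest_chunks(iter(lambda: fh.read(chunk_size), b""), algorithms)


def compare_digests(actual: Mapping[str, str], expected: Mapping[str, str]) -> Dict[str, bool]:
    """True per algorithm when the computed digest equals the reported one (case-insensitive)."""
    return {name: actual.get(name, "").lower() == value.lower() for name, value in expected.items()}


if __name__ == "__main__":
    import sys
    problems = validate_expected(REPORTED_TOKENGEN_EXE)
    if problems:
        sys.exit(f"reported values are malformed: {problems}")
    result = compare_digests(digest_file(sys.argv[1]), REPORTED_TOKENGEN_EXE)
    for name, ok in result.items():
        print(f"{name:7s} {'match' if ok else 'MISMATCH'}")
    sys.exit(0 if all(result.values()) else 1)
```

Run it as `python verify.py TokenGen.exe`; a non-zero exit on any mismatch makes it usable as a gate in an automated analysis pipeline.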

Malware Config

Targets

    • Target

      TokenGen.exe

    • Size

      8.4MB

    • MD5

      6ab683496d974568e89cacbc75e8f911

    • SHA1

      9422365d1bdef1232f79ae92897589250a65735b

    • SHA256

      2c77f01d2d3d4e3f32e25437d8afc259e3c5f9e8f40fb8d7688637b11649b682

    • SHA512

      446348fdba1fb4c28e36edac99c6bc1e13eb2af482499ada21030d425e730051a26e8c2ea1d01822bfb596802be489160b8dc52906e86ec7bf2c3b37a63bcdd0

    • SSDEEP

      196608:Ye4IHXzkneX38DXDQ9/tbYPvbJQlHHO2SvJ37n8CS79JjXSKn:9Hy0MDTQ9/kJQlnEc9RC

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Registers COM server for autorun

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

    • Target

      TokenGen.pyc

    • Size

      3KB

    • MD5

      e918327d5a721d0be2b9eb5120fde9e0

    • SHA1

      2951b7a21bc5d708b7d04517f491490eaaa4b0a2

    • SHA256

      cdcbaf746361226ef823876715b1fa9e0bccb2c5d087d90ac8bf752b19ad5664

    • SHA512

      89e86e7ba3fdd5f2ce030c80997cc9d67d6d878f4793f15c78d1f20a3f26afb0c4d99d0f48d6ba1e995cfe4de659b67c8d0e7172468d4ce9c61352720a1948e9

    Score
    3/10
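
Three of the signatures above (Run key added, COM server registered for autorun, system executable filetype association modified) leave artifacts that survive in a registry export taken from the sandbox VM or from a host suspected of running the sample. The following is an added example, not part of the report and not Triage's own signature logic: it parses a decoded `.reg` export and flags those three artifact classes. The export text, the file paths and the all-zero CLSIDs are constructed placeholders; the list of directories a legitimate COM server is expected to live in, and the expansion of `%SystemRoot%` to `C:\Windows`, are assumptions. The read-only checks in the list (country code, Uninstall entries, system information) leave no trace in an export and have to be observed from API or Process Monitor tracing instead.

```python
import re
from typing import Dict, List, Tuple

# Constructed .reg export (not taken from the report) holding one instance of each
# persistence artifact class the sandbox flagged, plus one benign COM entry that
# must not be reported. Paths and the all-zero CLSIDs are placeholders.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\Users\\user\\AppData\\Local\\Temp\\TokenGen.exe"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"C:\\Users\\user\\AppData\\Local\\Temp\\TokenGen.exe\" \"%1\" %*"

[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000001}\InprocServer32]
@="C:\\Users\\user\\AppData\\Local\\Temp\\helper.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000002}\InprocServer32]
@="%SystemRoot%\\System32\\shell32.dll"
'''

# A value line is either the default value (@) or a quoted name, then "=", then data.
VALUE_RE = re.compile(r'^(?:@|"((?:[^"\\]|\\.)*)")=(.*)$')
# Default "open" verb for .exe files on a clean Windows install.
DEFAULT_EXE_COMMAND = '"%1" %*'
# Assumption: directories a legitimately registered COM server is expected to live in.
SYSTEM_DIRS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")

Finding = Tuple[str, str, str, str]  # (kind, key path, value name, data)


def unescape(s: str) -> str:
    """Undo .reg string escaping (doubled backslash, backslash-quote)."""
    return re.sub(r'\\(.)', r'\1', s)


def parse_reg(text: str) -> Dict[str, Dict[str, str]]:
    """Parse a decoded .reg export into {key_path: {value_name: data}}.
    Only string (REG_SZ) data is decoded; hex:/dword: data is kept as raw text."""
    keys: Dict[str, Dict[str, str]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.setdefault(current, {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name = "@" if m.group(1) is None else unescape(m.group(1))
            data = m.group(2)
            if len(data) >= 2 and data.startswith('"') and data.endswith('"'):
                data = unescape(data[1:-1])
            keys[current][name] = data
    return keys


def normalize_path(p: str) -> str:
    """Lower-case, strip surrounding quotes and expand the two environment variables
    that commonly prefix system binaries (assumed to resolve to the Windows directory)."""
    p = p.strip().strip('"').lower()
    return p.replace("%systemroot%", "c:\\windows").replace("%windir%", "c:\\windows")


def triage(keys: Dict[str, Dict[str, str]]) -> List[Finding]:
    findings: List[Finding] = []
    for key, values in keys.items():
        k = key.lower()
        # "Adds Run key to start application": every value under Run/RunOnce
        if k.endswith("\\currentversion\\run") or k.endswith("\\currentversion\\runonce"):
            for name, data in values.items():
                findings.append(("run_key", key, name, data))
        # "Modifies system executable filetype association": open verb not the default
        if k.endswith("\\exefile\\shell\\open\\command"):
            cmd = values.get("@", "")
            if cmd.strip() != DEFAULT_EXE_COMMAND:
                findings.append(("exe_association", key, "@", cmd))
        # "Registers COM server for autorun": server binary outside system directories
        if re.search(r"\\clsid\\\{[0-9a-f-]{36}\}\\(inprocserver32|localserver32)$", k):
            path = values.get("@", "")
            if path and not normalize_path(path).startswith(SYSTEM_DIRS):
                findings.append(("com_server", key, "@", path))
    return findings


if __name__ == "__main__":
    for kind, key, name, data in triage(parse_reg(SAMPLE_REG)):
        print(f"{kind:16s} {key}\\{name} = {data}")
```

A real `reg export` file is UTF-16 LE with a BOM, so read it with `open(path, encoding="utf-16")` before passing the text to `parse_reg`. The COM check deliberately reports any server outside the assumed system directories rather than only known-bad paths, so expect some legitimate third-party entries in the output and review them by path and signer.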

MITRE ATT&CK Enterprise v15

Tasks