af34b699b6aa750e58a68516b97b4f8c2f08bd03453a6059f6869847cc63a7bf

Resubmissions

23/02/2024, 15:14

240223-smc6tabh28 7

23/02/2024, 15:12

240223-slfkjscg6w 7

23/02/2024, 15:03

240223-sfh4gsbf66 7

Sharing

Copy URL

Twitter E-mail

General

Target

New Client.exe
Size

396KB
Sample

240223-sfh4gsbf66
MD5

9b5f12b10b471e0a359bc11e50af28db
SHA1

5e42890b6b4a299cd954bf8dabaf75b38522c0b0
SHA256

af34b699b6aa750e58a68516b97b4f8c2f08bd03453a6059f6869847cc63a7bf
SHA512

1fbf71b9121cb141a617a2e14e466fead22da7cc7c672a8e5f79cab929e10a4f578edba06e8340d40d23f51852b33816a67351b6cecf5a5f72410c1bc0d5b773
SSDEEP

12288:+WSeotlIH682B+64kQHam2dNREz9FdOZMJwGuE4QyZom8exsrPR5TE7D0XuDTT:+WSmpL

Score

7^/10

persistence upx

Malware Config

Targets

- Target
  
  New Client.exe
- Size
  
  396KB
- MD5
  
  9b5f12b10b471e0a359bc11e50af28db
- SHA1
  
  5e42890b6b4a299cd954bf8dabaf75b38522c0b0
- SHA256
  
  af34b699b6aa750e58a68516b97b4f8c2f08bd03453a6059f6869847cc63a7bf
- SHA512
  
  1fbf71b9121cb141a617a2e14e466fead22da7cc7c672a8e5f79cab929e10a4f578edba06e8340d40d23f51852b33816a67351b6cecf5a5f72410c1bc0d5b773
- SSDEEP
  
  12288:+WSeotlIH682B+64kQHam2dNREz9FdOZMJwGuE4QyZom8exsrPR5TE7D0XuDTT:+WSmpL
Score

7^/10

persistence upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2 behavioral3 behavioral4 behavioral5

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Checks computer location settings

Drops startup file

Executes dropped EXE

UPX packed file

Adds Run key to start application

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5