Overview

overview

7

Static

static

3

027224e42d...20.exe

windows7-x64

7

027224e42d...20.exe

windows10-2004-x64

7

$PLUGINSDIR/inst.exe

windows7-x64

1

$PLUGINSDIR/inst.exe

windows10-2004-x64

6

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    027224e42ddba610a50c3bd948d8c81d824de1adc8d031808c6a65d3c291ac20

  • Size

    199KB

  • Sample

    240309-v66nkseb9s

  • MD5

    310020d11dca5daa292c6d121ce044e0

  • SHA1

    974b85852d942d4bcf7fba23fc417d9083c1fb7d

  • SHA256

    027224e42ddba610a50c3bd948d8c81d824de1adc8d031808c6a65d3c291ac20

  • SHA512

    39e7f13bb2a2e17f3a7e057a11567e1f70494181a08fe7d0847917677b8a4320c74105666b007bd25f697a739dc244fa12d2aac10e4ad0ce99597d01e3c729e7

  • SSDEEP

    6144:FsaocyLCxJy0823optx30uY4OifzyHFuNn:FtobQy089tx3DYfGzyluNn

Score
7/10

Malware Config

Targets

    • Target

      027224e42ddba610a50c3bd948d8c81d824de1adc8d031808c6a65d3c291ac20

    • Size

      199KB

    • MD5

      310020d11dca5daa292c6d121ce044e0

    • SHA1

      974b85852d942d4bcf7fba23fc417d9083c1fb7d

    • SHA256

      027224e42ddba610a50c3bd948d8c81d824de1adc8d031808c6a65d3c291ac20

    • SHA512

      39e7f13bb2a2e17f3a7e057a11567e1f70494181a08fe7d0847917677b8a4320c74105666b007bd25f697a739dc244fa12d2aac10e4ad0ce99597d01e3c729e7

    • SSDEEP

      6144:FsaocyLCxJy0823optx30uY4OifzyHFuNn:FtobQy089tx3DYfGzyluNn

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/inst.exe

    • Size

      143KB

    • MD5

      0f9c02df96da8a059c83ddfcfc0f8c6a

    • SHA1

      2a3fa9056603c843a4c086136557c4ad9cd190c3

    • SHA256

      56099fbbb997f4fdee7bcb8fabe62f3d49273028bcee7f12018e6c18b54af455

    • SHA512

      1481ca881e19074da73a46009d35d12e4221ec6f8c9aefe007a0a9d12d52eef4db6c5a38dfda18922d0fffd519c15032997df1df7c79f93361650f91476bbe7b

    • SSDEEP

      3072:BbJHKnXqlLo7N2nGN9acIqxvtbAeJr6eJ0Ig:B+Xyop9ap2F8e8A0D

    Score
    6/10

    • Drops desktop.ini file(s)

    behavioral3behavioral4

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      8KB

    • MD5

      249ae678f0dac4c625c6de6aca53823a

    • SHA1

      6ac2b9e90e8445fed4c45c5dbf2d0227cd3b5201

    • SHA256

      7298024a36310b7c4c112be87b61b62a0b1be493e2d5252a19e5e976daf674ce

    • SHA512

      66e4081a40f3191bf28b810cf8411cb3c8c3e3ec5943e18d6672414fb5e7b4364f862cba44c9115c599ac90890ef02a773e254e7c979e930946bc52b0693aad7

    • SSDEEP

      192:r/QeHNWSvUTfWdXw08LYKFaynLb3MRlbOVlR:7jBvwudT8LJxnnMRlyVlR

    Score
    3/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks