Resubmissions

17-03-2024 13:25  240317-qpfzdafc72  1
16-03-2024 11:53  240316-n2tpwsae21  1
16-03-2024 10:31  240316-mknlwabb86  1
16-03-2024 10:28  240316-mh4kbabb46  8
16-03-2024 09:43  240316-lpxvnsgd3t  1
16-03-2024 09:42  240316-lpqflagd2y  7
15-03-2024 19:28  240315-x6vx7aha7v  8
15-03-2024 12:26  240315-pl6j7aac75  7
14-03-2024 11:42  240314-nt9q5sba9s  6
14-03-2024 11:40  240314-nsz6baba5t  1

General

  • Target

    https://google.com

  • Sample

    240316-mh4kbabb46

Score
8/10

Targets

    • Target

      https://google.com

    Score
    8/10
    • Downloads MZ/PE file

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Registers COM server for autorun

    • Adds Run key to start application

    • Blocklisted process makes network request

    • Checks for any installed AV software in registry

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
