Resubmissions

  • 18/03/2024, 13:46: 240318-q22rlsag9w (score 7)

  • 18/03/2024, 10:37: 240318-mn8ffsef96 (score 7)

  • 18/03/2024, 10:29: 240318-mh8t2afb6t (score 7)

General

  • Target

    ST-GM138-8355+3335(2).exe

  • Size

    18.3MB

  • Sample

    240318-q22rlsag9w

  • MD5

    20329a5a9a1ac7e4e54eeb4092acbbdd

  • SHA1

    138e0981da4ac023e7a72fd092a4a52891a2a8b2

  • SHA256

    a1414254ceb394242282306c0ea1fb4d4e2db3a027d2673345a2ad53f1ec4767

  • SHA512

    350e7ed387b74b8d48e2b421fc6abb2945b9508b075148cc862cfec0ebfb4fb33b1217b030846eae04beff1355f6e07b1d97e3df012c2d919a9fe2ca4b4d6807

  • SSDEEP

    393216:GBrbAjh3BWHtedbDkO2gJh9R15o5rSIPFDXv1YPyai3x:Orbk3JvH5DigUFDWP63x

Score
7/10

Malware Config

Targets

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks