Overview

overview

5

Static

static

1

Setup.exe

windows7-x64

1

Setup.exe

windows10-2004-x64

1

install.exe

windows7-x64

3

install.exe

windows10-2004-x64

5

Sharing

Copy URL Twitter E-mail

General

  • Target

    Agent_Setup_Windows.zip

  • Size

    126KB

  • Sample

    240408-xha8wabh7z

  • MD5

    71e5e9f0a68aed8cb0c811ae195ba33c

  • SHA1

    23d733b7f7db361ebf754dd60cb906867b37ea49

  • SHA256

    bfcf185481f64806d5e4eed08f12c39ffe498f66259d7f146b633eb07ca40777

  • SHA512

    03c6d37aa83ab5d80eec5a75579384d38396219a37e7ae756264bc12e82d54fa636d3ae8c3ce772f74085af5584fa99e0a172a9fd8d2637b1a374be0207da87d

  • SSDEEP

    3072:2f1NRoYiG3EbeSGXlQdJEoCfp5aJQ5IhgT:2dNJ3gWXSEoCya

Score
5/10

Malware Config

Targets

    • Target

      Setup.exe

    • Size

      525KB

    • MD5

      395ae091b54c96bb73fbb3d8e61df8c4

    • SHA1

      ac72984fc4f946f0348713f7a972943b8d50878f

    • SHA256

      822897ae12843c8418016cf32db2f10abf2b1e91fabe0dc2322fe999b03da3e0

    • SHA512

      c3e648e948ee5e6a68e2f4ca6f1387ded4c0ad048bd6394e207b946c3a83fa6a4ba9004c28c87a65299b2ebd1a4b9581f27c67f0db9eff04c40e0e3187ee8d4f

    • SSDEEP

      3072:rOls7ABKCcLKWAhLDjDHwZam8pK4awtPQGV41DHt1k1gkLUN9YeIF+i:rOls7ic+WAhLD3wZaVxYGfgk49vIFB

    Score
    1/10
    behavioral1behavioral2

    • Target

      install.exe

    • Size

      18KB

    • MD5

      06b532a0808529c86a7fad5106214d5a

    • SHA1

      736dcd2408e30a1eda9bbed288c736cfa13df917

    • SHA256

      23959f35acfa20fb61ff269d645c30a500e9fa87aa5678e006e9f7c55691e9a8

    • SHA512

      eb1d0ec2f9fdb1880ef2a1e081012a30461da98a9ebbb30a0de58402e9dc1ef427d618fda5a070d66d601b504d72c20feff3b67762dd0bb230dad88f8c34d167

    • SSDEEP

      384:JGtYOgzvptYcFwVc03KVpwKNsImMb9wLGoGCJEF8ZpHue5c:dOMBtYcFwVc6KKIm+mvEFiRV5c

    Score
    5/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks