Overview

overview

8

Static

static

3

Setup-v-b5xa3Su.exe

windows7-x64

4

Setup-v-b5xa3Su.exe

windows10-2004-x64

8

Resubmissions

02-05-2024 13:12

240502-qfqr8abg26 5

02-05-2024 13:06

240502-qb8ggahe7t 5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Setup-v-b5xa3Su.exe

  • Size

    704KB

  • Sample

    240414-z6xg5agf51

  • MD5

    d1fc9e6d71a4867ab71af5566e525ba0

  • SHA1

    593b10280a926134839feb8e2f9d0da9ee9c0593

  • SHA256

    21be0a068d7d1b57578bfb2ed850b3f3b1cfe4a4c47981ead95abdb8c20278fe

  • SHA512

    c82a23e5e0e3a38e32fc08401890852a71ec90640bbfb944ed7d45812493a53d2be2c0e4373692e52c77d666b8ae72cd0d15c3dc4bc3cc52887ad4589820658d

  • SSDEEP

    12288:iOIVD3gyucpjRKaDPNKT1zH3ptaR1sDfOQSvJqFZ6rOIIzVFA4+M:iOIyyuUjMaDu173pG1szLSvJwSOZBv

Score
8/10
discovery

Malware Config

Targets

    • Target

      Setup-v-b5xa3Su.exe

    • Size

      704KB

    • MD5

      d1fc9e6d71a4867ab71af5566e525ba0

    • SHA1

      593b10280a926134839feb8e2f9d0da9ee9c0593

    • SHA256

      21be0a068d7d1b57578bfb2ed850b3f3b1cfe4a4c47981ead95abdb8c20278fe

    • SHA512

      c82a23e5e0e3a38e32fc08401890852a71ec90640bbfb944ed7d45812493a53d2be2c0e4373692e52c77d666b8ae72cd0d15c3dc4bc3cc52887ad4589820658d

    • SSDEEP

      12288:iOIVD3gyucpjRKaDPNKT1zH3ptaR1sDfOQSvJqFZ6rOIIzVFA4+M:iOIyyuUjMaDu173pG1szLSvJwSOZBv

    Score
    8/10
    discovery

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

1
T1053

Persistence

Scheduled Task/Job

1
T1053

Privilege Escalation

Scheduled Task/Job

1
T1053

Defense Evasion

Credential Access

Discovery

Query Registry

4
T1012

System Information Discovery

4
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks