Resubmissions

17-04-2024 09:27

240417-levmkaah66 8

16-04-2024 15:27

240416-svq3msde45 8

General

  • Target

    e00b253eda798487f5fef2ef25164fd8.exe

  • Size

    126KB

  • Sample

    240417-levmkaah66

  • MD5

    e00b253eda798487f5fef2ef25164fd8

  • SHA1

    cf2c21c845f16ed144487e9f86d8b5ba8376008b

  • SHA256

    c60c7061f20c6cf9645da0ebf22b143913038a93d9358c2693430e1925d6114b

  • SHA512

    bd3dd458dfe3cc38c3ac24a53bf96f7362052fedda39df8aa13ce41a250ce27ecd55068898d4c21e1622f7542891b82adc1b2d884684bf080080bfded7f17d13

  • SSDEEP

    1536:duokBZMKvOsg8ISIv47rz0D+/R/Av3coL6+9D8rbBuS7BeAXJ6xkRQsN5xgSF:RkBGWOsTIJgIDU5A/coLx9DoBRe/xK1F

Malware Config

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks