Overview

overview

7

Static

static

3

Pou.exe

windows10-1703-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Pou.exe

  • Size

    5.4MB

  • Sample

    240420-kbp28sdb6t

  • MD5

    7720d684627c3b755c8319991cf4a89f

  • SHA1

    11ae4b683450836e16c79d8d3ac98a6945d7ff2b

  • SHA256

    43d5588c7ba9d5b99911453fc723aaecbcc3bf7c40aa6394cfdc851a84155ae2

  • SHA512

    8c83b9782584e12e376e3dcce8b1d73484be390a81c8fa49603b4d55831b77bcc68f112681adc63e42933184e9046b0cc4fff25b6982d1801cdf8c2c8142d584

  • SSDEEP

    98304:xhlzbIfAezMD/x/0feyGoQ940BDlgwdnpka9R/k9t+2MGt+5cYYWoLF:xhlzbHHDfyGowBdnpkYRM69Y

Score
7/10
pyinstaller

Malware Config

Targets

    • Target

      Pou.exe

    • Size

      5.4MB

    • MD5

      7720d684627c3b755c8319991cf4a89f

    • SHA1

      11ae4b683450836e16c79d8d3ac98a6945d7ff2b

    • SHA256

      43d5588c7ba9d5b99911453fc723aaecbcc3bf7c40aa6394cfdc851a84155ae2

    • SHA512

      8c83b9782584e12e376e3dcce8b1d73484be390a81c8fa49603b4d55831b77bcc68f112681adc63e42933184e9046b0cc4fff25b6982d1801cdf8c2c8142d584

    • SSDEEP

      98304:xhlzbIfAezMD/x/0feyGoQ940BDlgwdnpka9R/k9t+2MGt+5cYYWoLF:xhlzbHHDfyGowBdnpkYRM69Y

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks