Overview

overview

7

Static

static

3

Clangen.sfx.exe

windows7-x64

7

Clangen.sfx.exe

windows10-2004-x64

7

Clangen.sfx.exe

windows11-21h2-x64

7

Resubmissions

24-04-2024 07:22

240424-h7nsyafg21 7

24-04-2024 07:18

240424-h5ahjafg2s 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Clangen.sfx.exe

  • Size

    77.4MB

  • Sample

    240424-h7nsyafg21

  • MD5

    058e987a05ac63bdecf68b886d14ec78

  • SHA1

    aadb53f27280cd0ba5da89da3c8ac2c83c8e6562

  • SHA256

    373254770b5c06e66a598ab32208d9b26d3d5c2c04181145226060d6f3fb961e

  • SHA512

    2fad72c96e29b3f34998bbdcfe3304ea71e2dca74cf00a0cbef22db662bafad993dfb032958473bdac8799a297521ad93014426b9f6dfde49b20cd0f7e85022a

  • SSDEEP

    1572864:IMdNbn9kuHTQNehtquAeLoGcp2dFIuCdeEuJkVbK:IWb9l0tu3jd2VykVbK

Score
7/10
pyinstaller

Malware Config

Targets

    • Target

      Clangen.sfx.exe

    • Size

      77.4MB

    • MD5

      058e987a05ac63bdecf68b886d14ec78

    • SHA1

      aadb53f27280cd0ba5da89da3c8ac2c83c8e6562

    • SHA256

      373254770b5c06e66a598ab32208d9b26d3d5c2c04181145226060d6f3fb961e

    • SHA512

      2fad72c96e29b3f34998bbdcfe3304ea71e2dca74cf00a0cbef22db662bafad993dfb032958473bdac8799a297521ad93014426b9f6dfde49b20cd0f7e85022a

    • SSDEEP

      1572864:IMdNbn9kuHTQNehtquAeLoGcp2dFIuCdeEuJkVbK:IWb9l0tu3jd2VykVbK

    Score
    7/10
    pyinstaller

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

3
T1082

Peripheral Device Discovery

1
T1120

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks