Overview

overview

7

Static

static

3

Clangen.sfx.exe

windows7-x64

7

Clangen.sfx.exe

windows10-2004-x64

7

Clangen.sfx.exe

windows11-21h2-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Clangen.sfx.exe

  • Size

    77.3MB

  • Sample

    240424-jq8x8afg84

  • MD5

    14f8ae0123d56a279b5bff74524864f2

  • SHA1

    2eabccf312c926ad1937bcba55ef73b6fb8ee02f

  • SHA256

    f3513878f891b367d4d6c42ecf689b65fae3f1e7e3ae0c2ceb40efddab9429bc

  • SHA512

    01c329a8a63fa6de342080fc4eb4ab90216411ff35b0e80f18d330d6bbf62749453f5afadb10885e0605f6f3206ddaf8c9aea144163c8a8381b235c53d7d6845

  • SSDEEP

    1572864:ejPxL2kRi9npTQNIOxcocBq+WoXw0rIgtPIivBUbYEKv:o2k830T+0+XwOWqBUbY1v

Score
7/10
pyinstaller

Malware Config

Targets

    • Target

      Clangen.sfx.exe

    • Size

      77.3MB

    • MD5

      14f8ae0123d56a279b5bff74524864f2

    • SHA1

      2eabccf312c926ad1937bcba55ef73b6fb8ee02f

    • SHA256

      f3513878f891b367d4d6c42ecf689b65fae3f1e7e3ae0c2ceb40efddab9429bc

    • SHA512

      01c329a8a63fa6de342080fc4eb4ab90216411ff35b0e80f18d330d6bbf62749453f5afadb10885e0605f6f3206ddaf8c9aea144163c8a8381b235c53d7d6845

    • SSDEEP

      1572864:ejPxL2kRi9npTQNIOxcocBq+WoXw0rIgtPIivBUbYEKv:o2k830T+0+XwOWqBUbY1v

    Score
    7/10
    pyinstaller

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

3
T1082

Peripheral Device Discovery

1
T1120

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks