General

  • Target: Surveillance_client_P2P(64)_1.5.46_2020_02_27.rar
  • Size: 58.8MB
  • Sample: 240425-r2j28sbf4t
  • MD5: 0f177cac6520662dda5035c3f4567bfa
  • SHA1: 48cf4f79a0a2567f7964a3e3fda65bd268dee95d
  • SHA256: ff936adee9099cb0ea9a3ff2c417f3492dd71b411c874d6221a248eb1469d76e
  • SHA512: fa17c8fcea2ba4c08f711fd3edc37ef6223cb57bc42694d58798d0846400ce5048623c5fc16f560b79346c1c39de52dc4039e07f0ad0817a68c45c390b59746a
  • SSDEEP: 1572864:2utf8ZMeqQ5FnCFUDHSOGQnEUX3UL/AnYzTfDjQLoY:2utoMeqLGDHfEzL/Ff2oY

Score: 8/10

Malware Config

Targets

  • Target: Surveillance_client_P2P(64)_1.5.46_2020_02_27/Surveillance_client_P2P(64)_1.5.46_2020_02_27.doc
  • Size: 51KB
  • MD5: 3e50cfb3cca9f07a2d6997d71b2fe117
  • SHA1: 1ea32da994adf25ea87836b5207c94a446d0368a
  • SHA256: dc255dd68c7398864bb771f5737318482f15288871dd6122b1ca0dcd094a9db2
  • SHA512: d1a54d813f9eeb096987a92d49d9c3773dc9ff885bf9b695f5d35871b49fc1e724b89a2eab6ae0d2314ca34983df5ad8a862163254640b59586cdb94a4d8fba0
  • SSDEEP: 1536:/ZJ/jBt+i4Er/+EtZ+8bMAPod55558d55585558558555g:oA255558d55585558558555

    Score: 1/10

  • Target: Surveillance_client_P2P(64)_1.5.46_2020_02_27/Surveillance_client_P2P(64)_1.5.46_2020_02_27.exe
  • Size: 58.8MB
  • MD5: 10a8a81638c8c694beb706792723dda1
  • SHA1: 8cfa3c522653e91697e1eb6e92e260c162c298b4
  • SHA256: a8c2b94770476783a524757d18b652dda84f5c2703670b8e052d2e5e1878c35a
  • SHA512: 12d5d2afff7f3596fad219a0def2bb4acb0104e02cb9405c4fa530f5c398838678128e0983af5582008525705d6fdc8ad24ab983e9efbf0f4c4a86ae15908e5d
  • SSDEEP: 1572864:yutf8ZMeqQ5FnCFUDHSOGQnEUX3UL/AnYzTfDjQLox:yutoMeqLGDHfEzL/Ff2ox

    Score: 7/10

    Signatures:
    • Executes dropped EXE
    • Loads dropped DLL
    • Checks installed software on the system
      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery
  • Query Registry (T1012): 3
  • System Information Discovery (T1082): 3