Overview

overview

7

Static

static

3

Xfer_KeyGen.exe

windows10-2004-x64

7

$TEMP/BASSMOD.dll

windows10-2004-x64

1

$TEMP/R2RXFEKG.dll

windows10-2004-x64

3

$TEMP/keygen.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Xfer_KeyGen.exe

  • Size

    559KB

  • Sample

    240519-2tdklafe4s

  • MD5

    3502197687f3356bc50ab03329831d22

  • SHA1

    a6ad8b22a2a45eda34c64d33e55236e3d3cf440e

  • SHA256

    29e65b74b8ffaedfc0fc4e233684c89eaa4a2f36c4fe478a3d851991b32e5950

  • SHA512

    adffec8a1940113c1a7545a8778fc77db1f9bf6f0a4f216f96bef5ea9197831e3821d4f5b822e08fcc15477a3650ab60dd88814008b85db56b27f5c624c0eb7d

  • SSDEEP

    12288:XYkc9t2Sll/Sq9x4oWrSfzTw9wViWOfo1l9ds/7NPq7:XYkcL5Sq/4jurIGOfobvkNPq7

Score
7/10

Malware Config

Targets

    • Target

      Xfer_KeyGen.exe

    • Size

      559KB

    • MD5

      3502197687f3356bc50ab03329831d22

    • SHA1

      a6ad8b22a2a45eda34c64d33e55236e3d3cf440e

    • SHA256

      29e65b74b8ffaedfc0fc4e233684c89eaa4a2f36c4fe478a3d851991b32e5950

    • SHA512

      adffec8a1940113c1a7545a8778fc77db1f9bf6f0a4f216f96bef5ea9197831e3821d4f5b822e08fcc15477a3650ab60dd88814008b85db56b27f5c624c0eb7d

    • SSDEEP

      12288:XYkc9t2Sll/Sq9x4oWrSfzTw9wViWOfo1l9ds/7NPq7:XYkcL5Sq/4jurIGOfobvkNPq7

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1

    • Target

      $TEMP/BASSMOD.dll

    • Size

      33KB

    • MD5

      e4ec57e8508c5c4040383ebe6d367928

    • SHA1

      b22bcce36d9fdeae8ab7a7ecc0b01c8176648d06

    • SHA256

      8ad9e47693e292f381da42ddc13724a3063040e51c26f4ca8e1f8e2f1ddd547f

    • SHA512

      77d5cf66caf06e192e668fae2b2594e60a498e8e0ccef5b09b9710721a4cdb0c852d00c446fd32c5b5c85e739de2e73cb1f1f6044879fe7d237341bbb6f27822

    • SSDEEP

      768:qQmS5iUgi5czW+DlrQOS1DeDdjgNtbX4O6DHix84H0:qQz5Tgof+DdpS1+djctLSHiZ0

    Score
    1/10
    behavioral2

    • Target

      $TEMP/R2RXFEKG.dll

    • Size

      3KB

    • MD5

      fb235a312dbde4daf45aa6d62923d2c4

    • SHA1

      67580595f059640b974cd585b3deac25aba5928e

    • SHA256

      fb2ef28d03f1bbc60cb564cc8d90b3469f3ad393d81020b4afe2501c1b60da9c

    • SHA512

      14c7ba743221520753266119b4f91023321fdead7e3f941e4c6ede1b439886fcdfe7565eefd00d03f7c93686234ccd7369e150f2ad344d365ed0447c6aa6f898

    Score
    3/10
    behavioral3

    • Target

      $TEMP/keygen.exe

    • Size

      249KB

    • MD5

      39940bef79a1d23adf86979d4d4cceed

    • SHA1

      593f9ea0cd0c1c4ec35c92a4473ed05437fb22ce

    • SHA256

      941267a1bd1328f21bbaf3a1ba5abe12196c3d57e4c49134c6764e7b143767d8

    • SHA512

      12b8f61bb8c1c661d7d4c7aff5e2e3f2915cd1b3c923bf9b17dd3bcc8b3ffb4145aa86b284bedd2695c6e62117cc1257a896dfe3227961deac35e8e9836d12c3

    • SSDEEP

      6144:pcmzikEPDonRgNgz1+hw6hNgPfHv9PAimIAOsE7c7:pc/kEPDonR6Y436vRH7c7

    Score
    1/10
    behavioral4

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.