General

  • Target

    gggg.exe

  • Size

    6KB

  • Sample

    240521-ryfkmshc67

  • MD5

    ecd1e7a63af56b76125345468d9cefb7

  • SHA1

    20d9f7945f1d6a5be34e9c388cd985bd836b0415

  • SHA256

    669a47b89c23621ec8631c8c04ea98c540edddb6fc6b82bd8eafe9682419d91d

  • SHA512

    7a5e44e16a66019e3ccde13b1d0b42e329a44c634937e5c06a876e9f69123921890ecd8a17f8d3d18bca17f4c69551f7202a9782e0d141bc8b1d92622be8dab4

  • SSDEEP

    96:0nIspKBq1Nv6uydFurogUt79RCPYmZGGvQV91ss9ijxziMzNt:0nNxv6uydFu8dl9RNnGuLkzB

Score
8/10

Targets

    • Target

      gggg.exe

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2
