General

  • Target

    5d9c51a61fd258899bf0653ac24467be9cfbb5015e15435713f634dfc7f68be3.exe

  • Size

    12KB

  • Sample

    240522-318jzseb34

  • MD5

    0e9020b2cbb1a0d1eae43611d40cfae0

  • SHA1

    9ec5a4d7f7225722a8555f8a0490e7c5029a0505

  • SHA256

    5d9c51a61fd258899bf0653ac24467be9cfbb5015e15435713f634dfc7f68be3

  • SHA512

    e17c125e0e34b8d79ba84d148643a1a1fb6d0c03f0d1e87715d51e2c9a4d469f16ad8bac92ad21bb31fc3c58e1297df0d243c3bbddbddf33cdcced4d1f592bc0

  • SSDEEP

    384:ZL7li/2z0q2DcEQvdhcJKLTp/NK9xaGQ:pAM/Q9cGQ

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

MITRE ATT&CK Matrix (ATT&CK v13)

Execution

  • Scripting (T1064): 1

Defense Evasion

  • Scripting (T1064): 1

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2
