abc161b975d50f5411184c10bcebf28fda9c69294423d1f0681aef8db5627e42 | Triage

Resubmissions

23-05-2024 03:36

240523-d5yg5scf65 7

23-05-2024 03:27

240523-dz6asscc2s 7

Sharing

General

Target

NewCP-1.6.1.Setup.exe
Size

119.6MB
Sample

240523-dz6asscc2s
MD5

e6269f4ab856eb8c0f971995a5879760
SHA1

7c00a72bda6c8c1a0de57703a630d8b0b3bd4224
SHA256

abc161b975d50f5411184c10bcebf28fda9c69294423d1f0681aef8db5627e42
SHA512

325fa12d662f999fd351f5daf2530f721c94fe69fe018fa08585ebd3c338d29679e726aa9a271cdf0b1329ec6ae941737a4d6c781b7c739ee1644260f3804577
SSDEEP

3145728:r7FwbIdniXuMXNSEPgEZ4fq7KEJ7EBa1Y3s:rSboniXuMdt9Z4fqe6EBa+

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  NewCP-1.6.1.Setup.exe
- Size
  
  119.6MB
- MD5
  
  e6269f4ab856eb8c0f971995a5879760
- SHA1
  
  7c00a72bda6c8c1a0de57703a630d8b0b3bd4224
- SHA256
  
  abc161b975d50f5411184c10bcebf28fda9c69294423d1f0681aef8db5627e42
- SHA512
  
  325fa12d662f999fd351f5daf2530f721c94fe69fe018fa08585ebd3c338d29679e726aa9a271cdf0b1329ec6ae941737a4d6c781b7c739ee1644260f3804577
- SSDEEP
  
  3145728:r7FwbIdniXuMXNSEPgEZ4fq7KEJ7EBa1Y3s:rSboniXuMdt9Z4fqe6EBa+
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2