General

  • Target

    EASEAddressSetup.exe

  • Size

    198KB

  • Sample

    240620-kgdw6ayalc

  • MD5

    ae0c0db4d5ea0c74af161424c075a76e

  • SHA1

    c70179d41323084345d2bbd6377dd1ec77d99bd7

  • SHA256

    f9feccc0dea7cd5346f737741e34bd413cb083745103ee616c08ef2e9bb15127

  • SHA512

    ed32571232ce59f0989dbd042400b1ac005728b5968e28084b5c9e51a36b9a79d73bcf87477e9376a6d669e4b85df5d1279042c8feae99d11f2f26bfba0125af

  • SSDEEP

    6144:/1uNmhUJ6EEjlHuoXx1LZKHoV5pYdiCAYD:Mmh9HYoXzLZKK/YdiCAG

Score
7/10

Targets

    • Target

      EASEAddressSetup.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
