General

  • Target

    App_02029.exe

  • Size

    66.5MB

  • Sample

    240704-gpg21axfjp

  • MD5

    82089a3de7594ca1c13fc526beaec792

  • SHA1

    5d46d05c78ee6d1608601cde4912f3bd91a3b71c

  • SHA256

    4899de29c229ae1d5772c8bb53c025dac760dfe0a38476adf709d98b6e40dab1

  • SHA512

    bbdd69fbd0e4fc08b578d6d74929eb5a32d29e5f66df56ec69e4d69b053a7f39bce415d1fadd2a33c2e2317ee1b30f00ee4f8d001de44577c275aeaf4636ee4e

  • SSDEEP

    393216:z0MnFTz4KVTrmxGfftGOpcDL3QYDez3QzCQSPIaXSz69II65rUVf:tmxGfftGOpAL3ivhdS+9Ix5rUVf

Targets

    • Target

      App_02029.exe

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
