General

  • Target

    WeMod-Setup.exe

  • Size

    141KB

  • Sample

    240803-hkfttawckk

  • MD5

    7396d2443eb427e3aff845aaed55df2c

  • SHA1

    b6487935c9261d6e5c153d8eeb8fbeb08cc86078

  • SHA256

    b8475cb8d5c069cc7e03ecf8c74bc7bd4bbf85b1175af9515c707e8d2c12a578

  • SHA512

    909fa9132d431d074e9f4b54ebdc1c40b4f4ab43df55fd300282ee8581eaa5df12a92494ec48a7aac80c1d088f31265de34e5cbc82a9768c5eb27a0ddfe9619c

  • SSDEEP

    3072:XGjm4ILlCI+4COHCyhaEtHZugr7t4ILlCI+4TOHHSTs:Xr+bwaEtHBHto

Score
8/10

Targets

    • Target

      WeMod-Setup.exe

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
