General

  • Target

    ec2080b7acb90e0dd02e5ccd08edc42ce2d6b5395ebca3f31bed88a39923aaad

  • Size

    1.5MB

  • Sample

    240806-ekxksaygmm

  • MD5

    2cd99159c94188afe5cf0a4cf126fb88

  • SHA1

    a0cb44f510a907ab0c5a6e305d444613017240d2

  • SHA256

    ec2080b7acb90e0dd02e5ccd08edc42ce2d6b5395ebca3f31bed88a39923aaad

  • SHA512

    a2cc82ef39a15c309a40da9ff2cdeecd3e81aaadf45e46cc33c42d92b573ea274e9d9feca2136dd2e16c61d714bc0e9956b6a0a6f7181bc076f2932a43f152d3

  • SSDEEP

    49152:oJnfQW0e9+tqf/2vwHTwQWTG6sY7BFZOxu6FNkKFNku:oCWZrHhWTG6VzHkk0ku

Targets

    • Target

      ec2080b7acb90e0dd02e5ccd08edc42ce2d6b5395ebca3f31bed88a39923aaad

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
