Overview

overview

6

Static

static

1

PoeSetup.exe

windows7-x64

4

PoeSetup.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

  • Target

    PoeSetup.exe

  • Size

    101.8MB

  • Sample

    240914-damr6atfld

  • MD5

    30b739a75bb6af227be614d3afee5d09

  • SHA1

    8c6310a8ff1ce59398d581feed6f0bc0b871ee1c

  • SHA256

    858a613d9ad797acfb08bbe5687f9e14512d5cc7ce70d540119a347401b40998

  • SHA512

    5001452e6a0ea65c29168220268325373be93aac699f1a2874e744a6c15a90524a64b4010175b2b1898378c3caf40c9c30e8f2804cd0adca62bc13f2ef8f8541

  • SSDEEP

    3145728:JNQ4zAdLHoLBPoKx+zuOx4D2RNt/RjxiK6o:J2AGHoVPoJDN/iK6o

Score
6/10
discoveryexecutionpersistence

Malware Config

Targets

    • Target

      PoeSetup.exe

    • Size

      101.8MB

    • MD5

      30b739a75bb6af227be614d3afee5d09

    • SHA1

      8c6310a8ff1ce59398d581feed6f0bc0b871ee1c

    • SHA256

      858a613d9ad797acfb08bbe5687f9e14512d5cc7ce70d540119a347401b40998

    • SHA512

      5001452e6a0ea65c29168220268325373be93aac699f1a2874e744a6c15a90524a64b4010175b2b1898378c3caf40c9c30e8f2804cd0adca62bc13f2ef8f8541

    • SSDEEP

      3145728:JNQ4zAdLHoLBPoKx+zuOx4D2RNt/RjxiK6o:J2AGHoVPoJDN/iK6o

    Score
    6/10
    discoveryexecutionpersistence

    • Adds Run key to start application

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks