General

  • Target

    DS423_65.exe

  • Size

    9.4MB

  • Sample

    241119-qvb8dawnay

  • MD5

    61cdf84e22a19e961c451ce041b2ef75

  • SHA1

    90dd9cf111d9b75cb2b73170043bd77fa4440320

  • SHA256

    4df7b5a13fd2c88904bb20acf5fdf724a7d8a2a9e697696988ad03a4818d1ab6

  • SHA512

    1e22048274b242848d1ee8629dc4a20831a8d63cd16fd58c3e8bb8264ab6121e728f8b969b1f5b23cadc87c52182fa6a4ff7521776eb34f713211af6e8470124

  • SSDEEP

    196608:w7xFg7R+B6LxZRP64wZqhmLPrhz1c4acZSwPLr5280na:VMBL4EwO1gcZSysHa

Score
7/10

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
