General

  • Target

    malwaredestroyersetup.exe

  • Size

    13.5MB

  • Sample

    241121-bj8d4sxmav

  • MD5

    3cb29faef815a9f68dd3b4ffc1805e17

  • SHA1

    a0e5123678403306f761bf18ae15990213526d69

  • SHA256

    2baebeb6802f17e4516ac852fa61541166f4f298ef00a4c5de918ae1906c1578

  • SHA512

    881bac62c7110c4cddd52443a550bdac5f0bb1ce566376dec6fde90f68a15c0684183d28c015379ff0ee8f2e57a113fd4a6ba8250bfc4b8fe2b7178ef3dc3893

  • SSDEEP

    196608:I2Yo329sx/IjSICyFVL7nmt+F9UxdaKkjoQlOa5mOCAQqPGjHVYPbYHSAvPp:9vislVyFVW8oeKkhU9qujHViYH7

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    emcosoftware.com
  • Port:
    21
  • Username:
    maldupload
  • Password:
    malaccess90

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    emcosoftware.com
  • Port:
    21
  • Username:
    malwaresign
  • Password:
    3549msign

Targets

    • Target

      malwaredestroyersetup.exe

    • Size

      13.5MB

    • MD5

      3cb29faef815a9f68dd3b4ffc1805e17

    • SHA1

      a0e5123678403306f761bf18ae15990213526d69

    • SHA256

      2baebeb6802f17e4516ac852fa61541166f4f298ef00a4c5de918ae1906c1578

    • SHA512

      881bac62c7110c4cddd52443a550bdac5f0bb1ce566376dec6fde90f68a15c0684183d28c015379ff0ee8f2e57a113fd4a6ba8250bfc4b8fe2b7178ef3dc3893

    • SSDEEP

      196608:I2Yo329sx/IjSICyFVL7nmt+F9UxdaKkjoQlOa5mOCAQqPGjHVYPbYHSAvPp:9vislVyFVW8oeKkhU9qujHViYH7

    Score
    10/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
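The signatures above and the extracted FTP configuration can be turned into a simple triage check. The block below is an added example, not code from the report or from the sample's author: it scans a constructed, hypothetical tab-separated sandbox event log (not Triage's real export format) and flags the registry reads behind "Checks computer location settings" and "Checks installed software on the system", plus any connection to or login with the extracted FTP host and usernames. The Uninstall key is named on the page; which locale key the sample actually read is not, so the Geo\Nation / sCountry / LocaleName paths are an assumption.

```python
import re

# Indicators copied from the extracted config above.
FTP_HOST = "emcosoftware.com"
FTP_PORT = 21
FTP_USERS = {"maldupload", "malwaresign"}

# Registry paths behind the two registry-based signatures. The Uninstall key
# is named on the page; the locale keys are an assumption about what
# "country code configured in the registry" refers to.
GEO_KEYS = re.compile(
    r"\\Control Panel\\International\\(Geo\\Nation|sCountry|LocaleName)$", re.I
)
UNINSTALL_KEY = re.compile(
    r"\\SOFTWARE\\(Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)",
    re.I,
)

# Constructed sample events in a hypothetical format: <kind>\t<field>\t...
# (not real sandbox output; built here so the example runs offline).
SAMPLE_EVENTS = """\
REG_READ\tHKCU\\Control Panel\\International\\Geo\\Nation
REG_READ\tHKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell Folders
REG_ENUM\tHKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall
REG_READ\tHKLM\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SomeApp\\DisplayName
NET_CONNECT\ttcp\temcosoftware.com\t21
FTP_LOGIN\tmaldupload\tmalaccess90
NET_CONNECT\ttcp\tcrl.microsoft.com\t80
"""


def parse_events(text):
    """Yield (kind, fields) tuples from the tab-separated event text."""
    for line in text.splitlines():
        if not line.strip():
            continue
        parts = line.split("\t")
        yield parts[0], parts[1:]


def classify(kind, fields):
    """Return the signature name one event matches, or None."""
    if kind in ("REG_READ", "REG_ENUM", "REG_QUERY"):
        path = fields[0]
        if GEO_KEYS.search(path):
            return "checks_computer_location"
        if UNINSTALL_KEY.search(path):
            return "checks_installed_software"
    elif kind == "NET_CONNECT":
        host, port = fields[1], int(fields[2])
        if host.lower() == FTP_HOST and port == FTP_PORT:
            return "contacts_extracted_ftp_host"
    elif kind == "FTP_LOGIN":
        if fields[0] in FTP_USERS:
            return "uses_extracted_ftp_credentials"
    return None


def scan(text):
    """Map each triggered signature to the raw event lines that triggered it."""
    hits = {}
    for kind, fields in parse_events(text):
        sig = classify(kind, fields)
        if sig:
            hits.setdefault(sig, []).append("\t".join([kind, *fields]))
    return hits


if __name__ == "__main__":
    for sig, events in scan(SAMPLE_EVENTS).items():
        print(sig)
        for ev in events:
            print("   ", ev)
```

The FTP username match is the higher-confidence indicator: a plaintext login with one of the extracted usernames ties a live session to this exact build, whereas a bare connection to emcosoftware.com:21 or a read of the locale keys is also produced by benign installers and should only raise the score when seen together with the other signatures.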

MITRE ATT&CK Enterprise v15