General

  • Target

    Desktop.rar

  • Size

    44.9MB

  • Sample

    250118-vedtgszkbk

  • MD5

    7e91f1ec2469daeb7583dff154869886

  • SHA1

    21f537ab56fc76dd8fe03aa5eaf074398c82bc44

  • SHA256

    714000573abb56370c1ac54a94a0b14abea8a2bfc7f2efece60b946778d87520

  • SHA512

    479080ed59f4fda7b2af2f19a62f079b5a3236c484f9ef5975668fd3f0dce08787ff43a3586075b56bfd3fb9c26219a4afb2ad13c67b1684c8ad18bbc4bba37c

  • SSDEEP

    786432:q9X4lWbcNlWbsMlWbTdlWbLKH9Tzex6qh8pHrwSyzex6qh8XyjQ7FyjQ7wrtpNrb:q9XE9okXH9Ta0liSya0lRPwr1M3jpe

Malware Config

Targets

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks