General

  • Target

    81831bb50cf92c9bfdc6b089102f89f5c95229a1f7eb2c064af750abe0b87e8e

  • Size

    498KB

  • Sample

    220919-fzrthsdhdr

  • MD5

    bf7a015db3f886fa52cb9bb317b05872

  • SHA1

    a2e40225fb1be410c640269df6099d5bff1598b5

  • SHA256

    81831bb50cf92c9bfdc6b089102f89f5c95229a1f7eb2c064af750abe0b87e8e

  • SHA512

    cc718273de3c9124a1585d6d495db64d6d503101178b1665a4898a9a5b8a1111fd45cf216b0a12a1af970ef6707dcb413e60359ad54c726f90fa92b623a5480e

  • SSDEEP

    6144:I6rCnplOxq8VxTfFDbRnOTrt5JGXfEdyCwaeVEuClROTfFDbRnOTrt5JOTfFDbRW:IVbG5OcqyCwrVEum+5Oi5OV

Score
8/10

Targets

    • Executes dropped EXE

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops file in System32 directory
