General

  • Target

    18d635e1f18b0b7f71ccfed3cb8d35f8995abbe943c79a96f34eb8a649bb7daf

  • Size

    115KB

  • Sample

    220919-pv7tlshbg3

  • MD5

    464dbafa4332c11bde7bbe2fc32b73de

  • SHA1

    1bae30fa6d9d83938b4ef4ad62ad520709403cec

  • SHA256

    18d635e1f18b0b7f71ccfed3cb8d35f8995abbe943c79a96f34eb8a649bb7daf

  • SHA512

    74422c71c5a4da478ecae6aec822c3bdd6001f135b2072e92465b5d3728b817f345e1fbbbf21702ddc78270b7b761b76e078df196357d041cb471fd394d32223

  • SSDEEP

    3072:xqBFJLzgOJJ5a0fe+CUGXQV8HiKxh2pvFC:wPdZdfvtGXQV8CyEfC

Score
7/10

Malware Config

Targets

    • Target

      18d635e1f18b0b7f71ccfed3cb8d35f8995abbe943c79a96f34eb8a649bb7daf

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks