General

  • Target

    f0f245e4d845dc70162125e3cdee47d3

  • Size

    2.0MB

  • Sample

    220926-de4lgaacer

  • MD5

    f0f245e4d845dc70162125e3cdee47d3

  • SHA1

    ed18d4003721cc216c2009f7354c81d55d4c5619

  • SHA256

    72a54d59bdc50b9fa821b91f617258f844c1f014cfe169ca1f1f3769d9340df7

  • SHA512

    906c2053993f428cfc5a97263f201c1d195fbf322a0ca22cd24abb2e8bfa08f22a5f4703d018f7ab0ee5ed0ae6a0aa44a00d75abb24b1be169211758336b7bee

  • SSDEEP

    24576:l7FUDowAyrTVE3U5FmcpExU1S+x25J7o59Sc/5x7awFhJdNo69lOy7KTijli:lBuZrEUEoyc/55DdN7POGj8

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks