General

  • Target

    41cf804d9aba82ce093a7e67f4b0fbe5a46669539bb16f0b0c1b9918f6d66ead

  • Size

    20KB

  • Sample

    221001-yny3kaeear

  • MD5

    725c0c10f6f53f637aa0fc1f83ce8630

  • SHA1

    d784f0843f357ffe04fbad363d8f08b4c85e91eb

  • SHA256

    41cf804d9aba82ce093a7e67f4b0fbe5a46669539bb16f0b0c1b9918f6d66ead

  • SHA512

    35403dead54e04d683084c322bf9e6880b6eeb8597d0f86302ecc81da7165091f709b68259bc10ea1954b20e5672c51d15f161569bfdfe5c24e023be802f9a7e

  • SSDEEP

    192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJBJdt:1M3PnQoHDCpHf4I4Qwdc0G5KDJv

Score
8/10

Malware Config

Targets

    Score
    8/10

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks