General

  • Target

    46545e4ebb21a29879728a633ca703ef8f5fa61d863032ff87c19d372ec39f3e

  • Size

    20KB

  • Sample

    221001-ynyf2adcb6

  • MD5

    630ad145be932b64927ab38f668e33e0

  • SHA1

    126d77d2c1c25b1e5f27090a65fcc50c2c65d850

  • SHA256

    46545e4ebb21a29879728a633ca703ef8f5fa61d863032ff87c19d372ec39f3e

  • SHA512

    12b86b32426c51d6fbb8ce7d23d393d48e663811dcc7aa2cf00be4b26d003332d85808ad5025c1c404938b3439c9326f27b5d2aef6196d05f5baff863e10d0c3

  • SSDEEP

    192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJBb:1M3PnQoHDCpHf4I4Qwdc0G5KDJF

Score
8/10

Targets

    • Target

      46545e4ebb21a29879728a633ca703ef8f5fa61d863032ff87c19d372ec39f3e

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
