General

  • Target

    68d259896fc53cc53ebab20e83333f5bbd3c2bef8c2389cd69400a2ce4dddc00

  • Size

    20KB

  • Sample

    221002-15twaachd6

  • MD5

    66dd3b4fc29511c38e6bab7132457ca0

  • SHA1

    6cf0c73dbd616b0bfb1f347b60fa1e4346ee5301

  • SHA256

    68d259896fc53cc53ebab20e83333f5bbd3c2bef8c2389cd69400a2ce4dddc00

  • SHA512

    033c65178956fe746e78d8a7d0997b8d4e60646ca6fc5267ef3b04a487690f57d87cca7fde51473c392aba5097c6b007b500eb9f113275454444cda952638185

  • SSDEEP

    192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJBHF:1M3PnQoHDCpHf4I4Qwdc0G5KDJVF

Score
8/10

Targets

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
