General

  • Target

    07e1a9e7dc2690e689031b33366ab614e54f56a45a1ed42e3f8bbf8707bea559

  • Size

    20KB

  • Sample

    221003-1279hahfel

  • MD5

    0a3bd0f7727810a09b8508df4100bac0

  • SHA1

    6f25a8c58dea373eced805179e5dc15ed751f9bf

  • SHA256

    07e1a9e7dc2690e689031b33366ab614e54f56a45a1ed42e3f8bbf8707bea559

  • SHA512

    ba244678f1e2f653fde96ad8952600e4f530c96478b7aeb5edd70dedd439490dcf7c52c0dc9517b5b264f358ba8d057fdfb3c0b760b1453eaff0a78dd6391395

  • SSDEEP

    192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJBjQ:1M3PnQoHDCpHf4I4Qwdc0G5KDJ6

Score
8/10

Targets

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
