Overview

overview

8

Static

static

8280aa5778...46.exe

windows7-x64

8

8280aa5778...46.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    8280aa5778be3927bb46a4c7b758149761ea955944aa859529b74a79b239d646

  • Size

    789KB

  • Sample

    221004-fykc2sdeh9

  • MD5

    46348a9c95e67b51858968c1dbdd1624

  • SHA1

    c21dc9795668efdbdc9128a712a3b2262516c6a4

  • SHA256

    8280aa5778be3927bb46a4c7b758149761ea955944aa859529b74a79b239d646

  • SHA512

    91841329467e0b4a3f8ffaf4468ad631dbda554b391ce82ccb80c63e69f083d5b1c28ed4f4eaa35b419ee7dcd4ec1de7e9ebeb6640eb03ea49bfaa1b7b40af45

  • SSDEEP

    12288:FM/+UAS0bUYV+wSDVEwBNMFk9wDeZdpGAXhmeqwd2q4kvqb8ZVgH:FMN0l+wSR8F8eeZHGAXgeb2p8Z2

Score
8/10
persistence

Malware Config

Targets

    • Target

      8280aa5778be3927bb46a4c7b758149761ea955944aa859529b74a79b239d646

    • Size

      789KB

    • MD5

      46348a9c95e67b51858968c1dbdd1624

    • SHA1

      c21dc9795668efdbdc9128a712a3b2262516c6a4

    • SHA256

      8280aa5778be3927bb46a4c7b758149761ea955944aa859529b74a79b239d646

    • SHA512

      91841329467e0b4a3f8ffaf4468ad631dbda554b391ce82ccb80c63e69f083d5b1c28ed4f4eaa35b419ee7dcd4ec1de7e9ebeb6640eb03ea49bfaa1b7b40af45

    • SSDEEP

      12288:FM/+UAS0bUYV+wSDVEwBNMFk9wDeZdpGAXhmeqwd2q4kvqb8ZVgH:FMN0l+wSR8F8eeZHGAXgeb2p8Z2

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks