General

  • Target: file.exe
  • Size: 7.2MB
  • Sample: 221011-jw468addbq
  • MD5: c3ea7a9142acb253b47927829730b1d1
  • SHA1: 0c81ce34ba68e0e4cb4cce5288b0203962497d7f
  • SHA256: 3d74ef58c00334e3ec44b26fabbf548c1879d4fcb3264c3fedd83129384f58d5
  • SHA512: 5f3af0b2deaeebd7f9e5306a7314160b37b1ac4ab01c1cd30466ee7c3154f09001f916787ee297464125bd975552ad230cce6f773db14480ffd52a9e7c9441f7
  • SSDEEP: 196608:91Oqi714jmB48iWcpfES/HkRj+1O6UUBiGp:3OWjmB4xZpTEN+w8iGp

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandbox environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks