General

  • Target

    eafe33d20ed174c1cea3f6a32e631daa3282f9c8241c91f1931c4d1ac523397d

  • Size

    20KB

  • Sample

    221011-r5yd2aaffr

  • MD5

    105a18e0441382d726d31e963cb65320

  • SHA1

    a3898266a05dbc3dc895ae224d50bebe7b40bc6e

  • SHA256

    eafe33d20ed174c1cea3f6a32e631daa3282f9c8241c91f1931c4d1ac523397d

  • SHA512

    1d033a126636234580b68dae74748b89d8cc44e5b6ada205321679b3ffe9a7f487a28fda75cb8195198eec0e9a5104000eb090893e02930956270b8cc2a4f1ad

  • SSDEEP

    192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJBn:1M3PnQoHDCpHf4I4Qwdc0G5KDJV

Score
8/10

Targets

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
