General

  • Target

    9a6d349d3279b7563f812aa2cbc2c80a420cf17a4763bef25a2d118245468764

  • Size

    20KB

  • Sample

    221020-strb1sbfb5

  • MD5

    80c6ce70c7ffbff0e31ba2ffba3eae90

  • SHA1

    bee1c99942873ab031200148e1ed1afb0a0d9d72

  • SHA256

    9a6d349d3279b7563f812aa2cbc2c80a420cf17a4763bef25a2d118245468764

  • SHA512

    960ae899797529da329f30d18b2152cf71b35bf7b13af55fcb30ebf191a7489098e25f930337b81dc7917ef37b0885fef20bc954466e2b633a9f4be5157bcc44

  • SSDEEP

    192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJBX:1M3PnQoHDCpHf4I4Qwdc0G5KDJZ

Score
8/10

Targets

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
