General

  • Target

    8a06c0417d171b58b8d35f5bd648cc4d.exe

  • Size

    6.1MB

  • Sample

    221027-v4v43adafr

  • MD5

    8a06c0417d171b58b8d35f5bd648cc4d

  • SHA1

    3da8ffb89369567acd8eabdba595e99217ad6eb0

  • SHA256

    f767e0a0d19a0e1a3788cdd2ff6468fe08add55cdcc469ea54b1ce59c6aeaa20

  • SHA512

    1a0634a4cfc670dbcbe7d8508a8f0172259fbf61be216868dc1e4bcbbeac77610f25e6044db337f78a8ad3b109333ee552c4d3a0136160c2464b8f570f2fc97b

  • SSDEEP

    98304:1mrspKGBEya+i7Mv4rY+GES/xsUuRYHryNHBPHDuJ6z1Tbv97txUUKL/xYn2:wrspBBlCMv+0meHQHB/ayTbrxrKVYn

Score
8/10

Targets

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
