General

  • Target

    4cde289924a8db3153190cfe925ec67548b17ff5a86c837ced2db2613cd8a008

  • Size

    20KB

  • Sample

    221028-1xw1nshegj

  • MD5

    01d53cb917902d0716b0bb89c4070950

  • SHA1

    f469be4edc10c15bc8a54289e27fce183f37067b

  • SHA256

    4cde289924a8db3153190cfe925ec67548b17ff5a86c837ced2db2613cd8a008

  • SHA512

    bcf01146b7b1a8f94696a69f46fd2bd52832e79829c8923f17eeb245abf7960a8156e49816b520fd8bddf41790c7b722c203b4fbb431bec8d6925dbf44b6e5a9

  • SSDEEP

    192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJBdq:1M3PnQoHDCpHf4I4Qwdc0G5KDJXq

Score
8/10

Malware Config

Targets

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks