Overview

overview

8

Static

static

Details.lnk

windows7-x64

8

Details.lnk

windows10-2004-x64

8

disallowab...ed.dll

windows7-x64

1

disallowab...ed.dll

windows10-2004-x64

1

disallowab...te.cmd

windows7-x64

1

disallowab...te.cmd

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Details6128.iso

  • Size

    724KB

  • Sample

    221028-azax4sedfq

  • MD5

    a6058fd3c6c56576ad0d81501af58081

  • SHA1

    72cac567dbe2725f7d23a7541383fca0e578cc23

  • SHA256

    ca1dcfe8ec96d9ec08e610e95491fd8a66814c2a4b968af75776009e140b6e20

  • SHA512

    87b99f3ac667089b48c8b40134de22449ec4a44467b52cf38604858cbcce5844265f5eb0a8fa9e66e8be75f587321e1ccf4e64add2df9d783715688adf42d025

  • SSDEEP

    12288:VqdD/sblafl4M/8toGXJZ6diNjBo8Ywr6t57AKCW3wdOcUwDOMHHCgOWeO:Vqdclafl4eGXuiNO8Ye6cWw4wrHHCgO+

Score
8/10

Malware Config

Targets

    • Target

      Details.lnk

    • Size

      1KB

    • MD5

      75e66f65a06fe0711edc5912983fd30e

    • SHA1

      470df0229a48b671a8e3d1444a593b2c52f71661

    • SHA256

      16864a5e96dd5dd9c3963a2788ef1d027a28f62feae63f6c3120b1e30fe6b92a

    • SHA512

      a55f381ebcb3bc73145387319c3621dc2e3e20e253fd427fd63b27c3bfc0f9223ab9208a93cd902784a87f5cd8cad17f4cbaa0b3d9e27cdc5da75fa8a21c0de9

    Score
    8/10

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      disallowable/hyperbolized.dat

    • Size

      422KB

    • MD5

      6456ce9903d7e0917f577d3caea5dee1

    • SHA1

      4d7b2c4c9745cf579af9f92909a387ab93805b9a

    • SHA256

      45749feb2cc5fc85b002930bd4684fb75708483812fa1801c27a933da918a4c9

    • SHA512

      f01f1dd6aafea72fde2c3b91250e4b562215bec46b5c14ceaf98cea046f82d96963c27c5d91a11d5eabe5de75a4158a62477ffa8a80b35c31f5219854b78fd2c

    • SSDEEP

      12288:eqdD/sblafl4M/8toGXJZ6diNjBo8Ywr6t57AKC:eqdclafl4eGXuiNO8Ye6c

    Score
    1/10
    behavioral3behavioral4

    • Target

      disallowable/sulfate.cmd

    • Size

      366B

    • MD5

      294b74804f305d4a244a4a5df389e0cb

    • SHA1

      1bcf269d6b6139a176a26352dca9e56dc67fe144

    • SHA256

      6beb5ebb7c2e2d7d80b19d65c670bc4d14ad708e2b938256267c83fd4e9de431

    • SHA512

      e067c8dc14ebf7cc4213f1515337cc679608faf58ac913cc7706bcd4bac50d0b241c0598ff1f0a83b7cb6af713e8e3e08964b066f65e8bca37400e2e6160181c

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v6

Tasks