General

  • Target

    e7ca04a76e3c461b84bf75f616b87d8b429d1ec69f81952ca1d5ff771167c76c

  • Size

    20KB

  • Sample

    221030-gwqygsfah9

  • MD5

    9356d93d4ce3fab868c5b0a68c37b760

  • SHA1

    e58a70a101bf4201d2aa82b317746dbb6996614d

  • SHA256

    e7ca04a76e3c461b84bf75f616b87d8b429d1ec69f81952ca1d5ff771167c76c

  • SHA512

    cf5773635c2e3a4feb880da484a3956442a14f33eda79d5f17b2d9c08c6ba36b3ed24e05e0b05535f4b8e46633706579204b7c5723b4d49a2c544fb1d4548e5a

  • SSDEEP

    192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJBJabGlBD:1M3PnQoHDCpHf4I4Qwdc0G5KDJy6lBD

Score
8/10

Malware Config

Targets

    • Target

      e7ca04a76e3c461b84bf75f616b87d8b429d1ec69f81952ca1d5ff771167c76c

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check before running the payload.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
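
The signatures above are behavioural: each one fires on a pattern in the sandbox's file, process, image-load and registry events. The script below is an added example, not Triage's own signature engine, that reimplements those seven checks over a small constructed event log so the logic can be read and tested offline. The event schema (`file_write`, `process_create`, `image_load`, `reg_read`), the sample paths and PIDs, and the registry key used for the location check (`HKCU\Control Panel\International\Geo\Nation`) are all assumptions for illustration; the report does not say which key the sample read.

```python
import re
from typing import Dict, List

# Constructed sandbox events for illustration (not from the report).
# Event types are assumed: file_write, process_create, image_load, reg_read.
SAMPLE_EVENTS: List[Dict] = [
    {"type": "file_write", "path": r"C:\Windows\System32\drivers\xyz.sys", "pid": 1204},
    {"type": "file_write", "path": r"C:\Users\user\AppData\Local\Temp\svc.exe", "pid": 1204},
    {"type": "process_create", "image": r"C:\Users\user\AppData\Local\Temp\svc.exe",
     "parent_pid": 1204, "pid": 1330},
    # Assumed key for the "checks computer location settings" behaviour.
    {"type": "reg_read", "key": r"HKCU\Control Panel\International\Geo\Nation", "pid": 1330},
    {"type": "file_write", "path": r"E:\autorun.inf", "pid": 1330},
    {"type": "file_write", "path": r"E:\desktop.ini", "pid": 1330},
    {"type": "file_write", "path": r"C:\Users\user\AppData\Local\Temp\helper.dll", "pid": 1330},
    {"type": "image_load", "image": r"C:\Users\user\AppData\Local\Temp\helper.dll", "pid": 1330},
    {"type": "file_write", "path": r"C:\Windows\System32\config.dat", "pid": 1330},
]

# Registry keys treated as a locale/country lookup (assumed, case-insensitive).
GEO_KEY_RE = re.compile(r"international\\geo\\nation$|control\\nls\\locale$", re.I)

SIG_DRIVERS = "Drops file in Drivers directory"
SIG_SYSTEM32 = "Drops file in System32 directory"
SIG_EXEC_DROPPED = "Executes dropped EXE"
SIG_LOAD_DROPPED = "Loads dropped DLL"
SIG_DESKTOP_INI = "Drops desktop.ini file(s)"
SIG_AUTORUN = "Drops autorun.inf file"
SIG_LOCATION = "Checks computer location settings"


def _norm(path: str) -> str:
    """Normalise a Windows path for comparison: backslashes, lower case."""
    return path.replace("/", "\\").lower()


def match_signatures(events: List[Dict]) -> Dict[str, List[Dict]]:
    """Return {signature name: [triggering events]} for the given event stream.

    "Dropped" means a path this run wrote before it was executed or loaded,
    so the file_write must precede the process_create / image_load.
    """
    hits: Dict[str, List[Dict]] = {}
    dropped = set()  # normalised paths written so far in this run

    def add(name: str, ev: Dict) -> None:
        hits.setdefault(name, []).append(ev)

    for ev in events:
        kind = ev["type"]
        if kind == "file_write":
            path = _norm(ev["path"])
            dropped.add(path)
            base = path.rsplit("\\", 1)[-1]
            if "\\windows\\system32\\drivers\\" in path:
                add(SIG_DRIVERS, ev)
            if "\\windows\\system32\\" in path:
                add(SIG_SYSTEM32, ev)
            if base == "desktop.ini":
                add(SIG_DESKTOP_INI, ev)
            if base == "autorun.inf":
                add(SIG_AUTORUN, ev)
        elif kind == "process_create":
            if _norm(ev["image"]) in dropped:
                add(SIG_EXEC_DROPPED, ev)
        elif kind == "image_load":
            image = _norm(ev["image"])
            if image.endswith(".dll") and image in dropped:
                add(SIG_LOAD_DROPPED, ev)
        elif kind == "reg_read":
            if GEO_KEY_RE.search(ev["key"]):
                add(SIG_LOCATION, ev)
    return hits


if __name__ == "__main__":
    for name, evs in match_signatures(SAMPLE_EVENTS).items():
        print(f"{name}: {len(evs)} event(s)")
```

Note that a write to `System32\drivers\` counts for both the Drivers and the System32 signatures, which is why two System32 hits are expected from the sample events; and the ordering rule (write before execute or load) is what distinguishes "executes dropped EXE" from merely running a binary that already existed on disk.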

MITRE ATT&CK Enterprise v6

Tasks