General

  • Target

    1eef3c558179911387ba900978c473b3fcaf14197fa2fdf881eac5cdfcc3895b

  • Size

    1.3MB

  • Sample

    221030-gxm8zsgber

  • MD5

    92781631e5db54ca411b4a1450018c80

  • SHA1

    c764c366aaf208606236fe58bb47d8d8445614ad

  • SHA256

    1eef3c558179911387ba900978c473b3fcaf14197fa2fdf881eac5cdfcc3895b

  • SHA512

    7c4b4cdc1189c08391739529fa1107f7542ecbc407023973f62b4861920b11473f2f204313761cae27bda9be04319ac9da189f6e4a901699992c3423e1c5392c

  • SSDEEP

    24576:yPRUoXI/xBVfVop04ZDoK33bH50WZ6lRePAK9K7ruj:yPRrY/xPdoDLZ0WZ6lRe4eK76j

Score
8/10

Malware Config

Targets

    • Target

      1eef3c558179911387ba900978c473b3fcaf14197fa2fdf881eac5cdfcc3895b

    Score
    8/10

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks