General

  • Target

    c9496ac545f5a510a7b7e9d126454505925ee887c88e5755c36408aff47ac3d5

  • Size

    167KB

  • Sample

    221106-ngf83abfaj

  • MD5

    8f88db6fe0d709495c4e5ea39f6a6ebd

  • SHA1

    0b5134afef9070737400368e2ca89ee4472f07df

  • SHA256

    c9496ac545f5a510a7b7e9d126454505925ee887c88e5755c36408aff47ac3d5

  • SHA512

    960c88cc7697211fb62b0608b63886e256007cbe2709fcf8aa464a429c5acdc8b010d4624669a6684c7872d5c57d588cc47dd43dbcf88ef568123eb1040d6f93

  • SSDEEP

    3072:mBAp5XhKpN4eOyVTGfhEClj8jTk+0hAa8nYcT9IsMGTz:dbXE9OiTGfhEClq928nYeMGTz

Score
8/10

Targets

    • Target

      c9496ac545f5a510a7b7e9d126454505925ee887c88e5755c36408aff47ac3d5

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
