General

  • Target

    47d2dd01fdd570406adf66c7ebec26348f6cab6c73718b701f4dcedab38867f1

  • Size

    993KB

  • Sample

    221121-3cg25aeg2v

  • MD5

    095501e94845992bd4e7a391d64fc2b4

  • SHA1

    6e72a1f189c34b61ce66b7548c538bd30d242659

  • SHA256

    47d2dd01fdd570406adf66c7ebec26348f6cab6c73718b701f4dcedab38867f1

  • SHA512

    c2085477aedb3650464a2d79808a545e672ce935a51e8efcb1676b273b2ae233a98f9e8dc4dbca6e4fdeaba093a6a52f1d5c027d3f2eec437b02f7231eebfd26

  • SSDEEP

    24576:P4lavt0LkLL9IMixoEgeaBwktAuq9MmCS:Kkwkn9IMHeaBVDaPCS

Score
8/10

Targets

    • Target

      47d2dd01fdd570406adf66c7ebec26348f6cab6c73718b701f4dcedab38867f1

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
