General

  • Target

    fe0094b43cf5f527b520fd387b7bb7532be6adb2cf773fd5615c0a41190081f8

  • Size

    43KB

  • Sample

    221123-m8ptvabc5v

  • MD5

    4844ce6123f316de09ad8d30c8aaabc2

  • SHA1

    c11fe89eeb001e9b33296144e45fff7d597a8dae

  • SHA256

    fe0094b43cf5f527b520fd387b7bb7532be6adb2cf773fd5615c0a41190081f8

  • SHA512

    15f5d394884eaf37532226b7fd0e7608064f4aeeb0bc995295e62b4b508e9b17ec00a4a80cd30dd2a3da5c687ba7742616045b6ce3582ac61ff0fb8f360273a6

  • SSDEEP

    768:qspvryXgi4VhQelswKhGSnmAH0KBh/DokmAAK1K2M67yfirwuS:tpvryX54r67skmAAK1K8Miy

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 3

  • Peripheral Device Discovery (T1120): 1

Tasks