General

  • Target

    fb3212a4981297889cab2827aff8fd73fd15172b27c27ba77b0dd649c967eea3

  • Size

    36KB

  • Sample

    221123-vnpmcacd9v

  • MD5

    4c17860ac6d57d345d1ba7f87f524800

  • SHA1

    77d893ccfcae930052aa3410cb3f3b11ffbb5b28

  • SHA256

    fb3212a4981297889cab2827aff8fd73fd15172b27c27ba77b0dd649c967eea3

  • SHA512

    452ef704628c64acba447e7a0a6eb9f047ad56bd8c0bff02ac12b9d6eb1ad956afe9711e8832c12ee586ded5af70f9a7cb767fc03979ffdbe8f21a489b4f31f1

  • SSDEEP

    384:lmnQcDDT375RK3l6DNDvnqzemXrJ99/BDmy4todF+HO86CxEh99yRlKTe70:li3hUMDNDvzmXrJ9Jotov+HO000lP

Score
7/10

Malware Config

Targets

    • Target

      fb3212a4981297889cab2827aff8fd73fd15172b27c27ba77b0dd649c967eea3

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 3

  • Peripheral Device Discovery (T1120): 1

  • Process Discovery (T1057): 1