General

  • Target

    2c6b7d4a99b2abb15905ef95a06a33dad53141fe5406896f22e9851023ccf9e1

  • Size

    151KB

  • Sample

    221123-yh9xwadb71

  • MD5

    5105ce242c550e7dab0b4bb18326c450

  • SHA1

    24ed657e2ef1dd972775b9e8b714959ece6eb2e7

  • SHA256

    2c6b7d4a99b2abb15905ef95a06a33dad53141fe5406896f22e9851023ccf9e1

  • SHA512

    4e1b030e51a4aa1b73b2b0143a75add268a1457160d8b91e8c115e941b7e64936c7e8cf8eac9a060097260780a999dadf3e5bcbf949b0fefa348be4eccd25220

  • SSDEEP

    3072:lBAp5XhKpN4eOyVTGfhEClj8jTk+0hiwKQ6T9FbaEt:AbXE9OiTGfhEClq9Cr6TLaEt

Score
8/10

Targets

    • Target

      2c6b7d4a99b2abb15905ef95a06a33dad53141fe5406896f22e9851023ccf9e1

    Score
    8/10
    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
