Overview

overview

9

Static

static

9bc3304f8e...b0.exe

windows7-x64

9

9bc3304f8e...b0.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9bc3304f8e8f352647fa84435b037a6bdfe06d9897cc339536b496f39e98beb0

  • Size

    10.7MB

  • Sample

    221123-z452gsee37

  • MD5

    a734962038e6c57ebc89cec0cbe74705

  • SHA1

    690db5bcac5732efb57cd523ae8c6197755b3a6d

  • SHA256

    9bc3304f8e8f352647fa84435b037a6bdfe06d9897cc339536b496f39e98beb0

  • SHA512

    2542d1d4d6286bb816d0084624ede82ee53f298022ffcee82536f32d4d52384b270422672b887641a9f7c8e72e1a22ffa32534e0f008b1e95e44aee3547a1a33

  • SSDEEP

    196608:D/BgW+jY1zaGCwCwo3WIvSOHnJGCwL3caee5vYPaqGa/srL5QmuUVPIOVmYZZQxU:Dpg24GCB3VHJGPDIavY4rFQSV/YlxVUN

Score
9/10

Malware Config

Targets

    • Target

      9bc3304f8e8f352647fa84435b037a6bdfe06d9897cc339536b496f39e98beb0

    • Size

      10.7MB

    • MD5

      a734962038e6c57ebc89cec0cbe74705

    • SHA1

      690db5bcac5732efb57cd523ae8c6197755b3a6d

    • SHA256

      9bc3304f8e8f352647fa84435b037a6bdfe06d9897cc339536b496f39e98beb0

    • SHA512

      2542d1d4d6286bb816d0084624ede82ee53f298022ffcee82536f32d4d52384b270422672b887641a9f7c8e72e1a22ffa32534e0f008b1e95e44aee3547a1a33

    • SSDEEP

      196608:D/BgW+jY1zaGCwCwo3WIvSOHnJGCwL3caee5vYPaqGa/srL5QmuUVPIOVmYZZQxU:Dpg24GCB3VHJGPDIavY4rFQSV/YlxVUN

    Score
    9/10

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks