Overview

overview

9

Static

static

e7ff598358...e6.exe

windows7-x64

9

e7ff598358...e6.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e7ff598358f2978b9551c1eb92cac65081d9766850329c2c8701f97ad4a894e6

  • Size

    227KB

  • Sample

    221123-z546ksee73

  • MD5

    8e5d77e488a94fc2cabfc6a95208b495

  • SHA1

    8e3e367510e3fd52c94dc33d4f494ba6a0c01ec0

  • SHA256

    e7ff598358f2978b9551c1eb92cac65081d9766850329c2c8701f97ad4a894e6

  • SHA512

    4ee105abdcd80187aec8f0b1895fe79c3114e7c0cbbda31e86c89ef09982ea067983199244f4add1ea2fcab66ce80c7a3d98822b06b63716015dde968ba327a4

  • SSDEEP

    3072:uYvUyXMinsQ2xZ5eJ187gf4KMXV1dBify4wZj4Md3Lk85GeXMisuljPbVz5i8KJl:uY8yXoia7gajUflMCQGe8Hu1cJrrV

Score
9/10

Malware Config

Targets

    • Target

      e7ff598358f2978b9551c1eb92cac65081d9766850329c2c8701f97ad4a894e6

    • Size

      227KB

    • MD5

      8e5d77e488a94fc2cabfc6a95208b495

    • SHA1

      8e3e367510e3fd52c94dc33d4f494ba6a0c01ec0

    • SHA256

      e7ff598358f2978b9551c1eb92cac65081d9766850329c2c8701f97ad4a894e6

    • SHA512

      4ee105abdcd80187aec8f0b1895fe79c3114e7c0cbbda31e86c89ef09982ea067983199244f4add1ea2fcab66ce80c7a3d98822b06b63716015dde968ba327a4

    • SSDEEP

      3072:uYvUyXMinsQ2xZ5eJ187gf4KMXV1dBify4wZj4Md3Lk85GeXMisuljPbVz5i8KJl:uY8yXoia7gajUflMCQGe8Hu1cJrrV

    Score
    9/10

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks