Overview

overview

8

Static

static

file.exe

windows7-x64

8

file.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file

  • Size

    7.3MB

  • Sample

    221123-zx3yjsea74

  • MD5

    2d3ad18f288af345af2fb0c319b3b3f5

  • SHA1

    1e9d7ccc74e26b99403e494eafd4a0a8dae516fd

  • SHA256

    eb00ed9a3114cd089951b8eee0074c32f9e755428ac7d24aa093b9194465bf46

  • SHA512

    1155c2bc81462c0b67bae8bc95369240411a217168445db662cb445cb7a9bd30d86f7bf0ecf040f7729f98cd41fbcb65c761c12cbbe5c54e2abbdbf6e6a838fe

  • SSDEEP

    196608:91OKn156tz5ZmHtScKM0vwTcE2X2q2CsthMfnq:3OQkl4+vwwEtftLB

Score
8/10

Malware Config

Targets

    • Target

      file

    • Size

      7.3MB

    • MD5

      2d3ad18f288af345af2fb0c319b3b3f5

    • SHA1

      1e9d7ccc74e26b99403e494eafd4a0a8dae516fd

    • SHA256

      eb00ed9a3114cd089951b8eee0074c32f9e755428ac7d24aa093b9194465bf46

    • SHA512

      1155c2bc81462c0b67bae8bc95369240411a217168445db662cb445cb7a9bd30d86f7bf0ecf040f7729f98cd41fbcb65c761c12cbbe5c54e2abbdbf6e6a838fe

    • SSDEEP

      196608:91OKn156tz5ZmHtScKM0vwTcE2X2q2CsthMfnq:3OQkl4+vwwEtftLB

    Score
    8/10

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks