General

  • Target

    abe1ad490598b5ae0cd98fb52f784e193deb388447fa1b87d761dc677743ceb2

  • Size

    184KB

  • Sample

    221124-e2977shb45

  • MD5

    637487468a94dbb2b3bf499733cdb8b4

  • SHA1

    8b79078d5bd4e925849af68f12b94fdd5d9cd4eb

  • SHA256

    abe1ad490598b5ae0cd98fb52f784e193deb388447fa1b87d761dc677743ceb2

  • SHA512

    cb429b9085ff8b4f3d6dec21b91875d33f3afc03fb8be3e2863b8d1ac5b71145f4803abefa1a63d3c8bedbba239a5992c645df34cbb6f5e466278d32fd63b6a6

  • SSDEEP

    3072:/MzsU0S0w8Hp9Rc/LB+dJGESR4hIRSYaVvb1NVFJNndnO36:/7BSH8zUB+nGESaaRvoB7FJNndn/

Score
8/10

Malware Config

Targets

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2

Tasks