General

  • Target

    file.exe

  • Size

    7.3MB

  • Sample

    221124-jxqefsdc5x

  • MD5

    fa2dfe7feccca8d5b9ba5cd8b8e5792d

  • SHA1

    93c2a07f97bb434dce404e01e6ba5291556460ae

  • SHA256

    2141d0be243afae9b5f294b8147902732f1e8edc9ff55a8c3c383d0f2ed7d20c

  • SHA512

    05cefe677e077f394b18ab4526a22a728de99afee3c3b9f0198b9d0b8ea378429aba72ae75bac9aa8173ff863ad55a304abfe6ef7537ca3db75e3cc524772e20

  • SSDEEP

    196608:91Oty50nydUb3HV2AyPTLWhadXqNIjM3oeC17QAS2qj2Hj:3O00nN3xy7KalqNIjM3oeCGASYD

Score
10/10

Targets

    • Target

      file.exe

    Score
    10/10
    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS vendor and product strings are commonly read from the registry to detect virtualised sandbox environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check that gates execution on the victim's region.

    • Loads dropped DLL

    • Drops file in System32 directory
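The behaviours above are all registry reads or writes, so an analyst can check the same keys on a host or a detonation VM. The following PowerShell script is an added example written for this page, not code from the report or from the sample: it verifies a file against the report's SHA256, reads the Defender real-time protection settings, shows the BIOS values a sandbox-aware sample inspects, and reads the GeoID the location check relies on. The `$SamplePath` default and the list of virtualisation marker strings are assumptions for illustration.

```powershell
# Added example, not part of the sandbox report. Run in an elevated prompt on the
# host or detonation VM you want to audit. $SamplePath is a hypothetical location.
param(
    [string]$SamplePath = 'C:\triage\file.exe'   # hypothetical path to the sample
)

# SHA256 taken from the report above
$ReportSha256 = '2141d0be243afae9b5f294b8147902732f1e8edc9ff55a8c3c383d0f2ed7d20c'

function Test-SampleHash {
    # Returns $true when the file on disk is the same sample the report describes
    param([string]$Path, [string]$Expected)
    if (-not (Test-Path -LiteralPath $Path)) { return $false }
    $actual = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    return $actual -ieq $Expected
}

function Get-DefenderRealtimeState {
    # The policy key overrides the product key; a DWORD of 1 disables real-time protection.
    # A sample that "modifies Real-time Protection settings" writes to one of these.
    $paths = @(
        'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection',
        'HKLM:\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection'
    )
    foreach ($p in $paths) {
        $v = Get-ItemProperty -Path $p -Name DisableRealtimeMonitoring -ErrorAction SilentlyContinue
        if ($null -ne $v) {
            [pscustomobject]@{ Key = $p; DisableRealtimeMonitoring = $v.DisableRealtimeMonitoring }
        }
    }
    # Effective setting as the Defender module reports it, when the module is present
    $pref = Get-MpPreference -ErrorAction SilentlyContinue
    if ($pref) {
        [pscustomobject]@{ Key = 'Get-MpPreference'; DisableRealtimeMonitoring = [int]$pref.DisableRealtimeMonitoring }
    }
}

function Get-BiosFingerprint {
    # Same values a sandbox check reads; the marker list is an assumption, not from the report
    $bios = Get-ItemProperty -Path 'HKLM:\HARDWARE\DESCRIPTION\System\BIOS' -ErrorAction SilentlyContinue
    $fields  = 'SystemManufacturer', 'SystemProductName', 'BIOSVendor', 'BIOSVersion'
    $markers = 'VMware', 'VirtualBox', 'VBOX', 'QEMU', 'Xen', 'Hyper-V', 'Virtual Machine', 'innotek', 'Bochs'
    foreach ($f in $fields) {
        $val = [string]$bios.$f
        $hit = $markers | Where-Object { $val -match [regex]::Escape($_) }
        [pscustomobject]@{ Value = $f; Data = $val; LooksVirtual = [bool]$hit }
    }
}

function Get-GeoNation {
    # GeoID the location check reads (for example 244 is United States)
    $geo = Get-ItemProperty -Path 'HKCU:\Control Panel\International\Geo' -Name Nation -ErrorAction SilentlyContinue
    if ($geo) { return [int]$geo.Nation }
    return $null
}

"Sample matches report SHA256: $(Test-SampleHash -Path $SamplePath -Expected $ReportSha256)"
"Defender real-time protection settings:"
Get-DefenderRealtimeState | Format-Table -AutoSize
"BIOS fingerprint (values the sample checks):"
Get-BiosFingerprint | Format-Table -AutoSize
"Geo Nation (GeoID): $(Get-GeoNation)"
```

If `Get-BiosFingerprint` flags any field as virtual on your detonation VM, the sample has the same view and may refuse to run its payload; patching those BIOS strings in the hypervisor is the usual fix. A `DisableRealtimeMonitoring` value of 1 after detonation is the concrete artefact behind the first signature in the list.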
