Overview

overview

8

Static

static

fc32ce991e...5f.exe

windows7-x64

8

fc32ce991e...5f.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    fc32ce991e82e2dd41495023b858cd8d816eb572d5f7c92855e8535a5cc6555f

  • Size

    280KB

  • Sample

    221124-k739qsgd7t

  • MD5

    824c3f66a00bb862f8d20d0d4fa3dbf0

  • SHA1

    f0016e9d85fffad6e0f2f1c94242aec851d821ef

  • SHA256

    fc32ce991e82e2dd41495023b858cd8d816eb572d5f7c92855e8535a5cc6555f

  • SHA512

    f8bd50c4424efd3c4e7f5e1676cea068bc6a56a4febfb4fb992e0e6c53434bee7bea13121d33a927d46adf2e8cd15327f14cc3b28e0b427509c7e60fd6014540

  • SSDEEP

    6144:Q/dDBeoBpIkoQYB44a3EPIaeTTMcDN9+jT6T0pbdDWx:QT0r1cEPIayTM696GTIEx

Score
8/10
persistence

Malware Config

Targets

    • Target

      fc32ce991e82e2dd41495023b858cd8d816eb572d5f7c92855e8535a5cc6555f

    • Size

      280KB

    • MD5

      824c3f66a00bb862f8d20d0d4fa3dbf0

    • SHA1

      f0016e9d85fffad6e0f2f1c94242aec851d821ef

    • SHA256

      fc32ce991e82e2dd41495023b858cd8d816eb572d5f7c92855e8535a5cc6555f

    • SHA512

      f8bd50c4424efd3c4e7f5e1676cea068bc6a56a4febfb4fb992e0e6c53434bee7bea13121d33a927d46adf2e8cd15327f14cc3b28e0b427509c7e60fd6014540

    • SSDEEP

      6144:Q/dDBeoBpIkoQYB44a3EPIaeTTMcDN9+jT6T0pbdDWx:QT0r1cEPIayTM696GTIEx

    Score
    8/10
    persistence

    • Sets file execution options in registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Checks for any installed AV software in registry

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks