General

  • Target

    f056d6f718bb3eff711b2848b3f2bb12e382800bdffb75ad5b61fe1cb14bc4c2

  • Size

    241KB

  • Sample

    221125-pw6myaha85

  • MD5

    ffd5da021af5260af449cb71413e9d39

  • SHA1

    b38a68c6858f3dc0d5da4b134d44bc37c8a481d1

  • SHA256

    f056d6f718bb3eff711b2848b3f2bb12e382800bdffb75ad5b61fe1cb14bc4c2

  • SHA512

    da9b77cd2f5d47bc6465550c0a608905e309ac72d1c4127e216824ce8bb4ef41281856f45afa0f0f0499b8a413378c9c78ee851ebebcc10a0104d6ed1e93248a

  • SSDEEP

    6144:zZXBsWqsE/Ao+mv8Qv0LVmwq4FU0nN876NKxlgNMkEFUD:lXmwRo+mv8QD4+0N46NKxlg6FFY

Score
8/10

Targets

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
