General

  • Target

    8add444fef813fdc14f7f84d96eedf744d27af483d1a4e5cbae8f2e70b9a2572

  • Size

    1.7MB

  • Sample

    221125-ygme7aba45

  • MD5

    7528fdd1b057cf66efd96bce95224bc0

  • SHA1

    0163c3c0d487eefbcd89d3498fc1e7f03b3fec17

  • SHA256

    8add444fef813fdc14f7f84d96eedf744d27af483d1a4e5cbae8f2e70b9a2572

  • SHA512

    8d34ba00be0b78be74956e1fd1269fe2e55421c74c65845a7c550cce9411464364a0815e002dc3defc3f23c2e994ef5e69654cb90f59f45b8e766a2d39eac2b2

  • SSDEEP

    24576:B9aVH768bvqKXo310XqTER8OCYbxPTQi688MT2vTaogMcN3r:rax768bvqB31iRlLNTOaoxcN3r

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks