Overview

overview

8

Static

static

48d192ac71...3d.exe

windows7-x64

8

48d192ac71...3d.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    48d192ac7197e3fcb1aa8d6b46a0cab2d41343e1630a190d4ca433b4eecddd3d

  • Size

    259KB

  • Sample

    221126-kjn5xaaa5v

  • MD5

    a20d46664d06744d2515d69eeff57508

  • SHA1

    7c1dd71389b6661c36f7c0d64531d03c4e71fc29

  • SHA256

    48d192ac7197e3fcb1aa8d6b46a0cab2d41343e1630a190d4ca433b4eecddd3d

  • SHA512

    60bf71e7b80e447e2a9197ff365805d8e5e257b3f4f3787b6fb9940a9d40f710d5880f1910689d5f8cbe79cbbb1f4478afc6aa3eb134b61b3b741c4ab1e268cf

  • SSDEEP

    1536:ltPixznncp3vKONOI0Z/IY9Vt1jFmyBoI9uAnBSGFeXA9jJbZjwSrSMLDhKOzxf2:bPixnncpSONDyRTkwQAbOCzNx/TtOLf

Score
8/10
persistence

Malware Config

Targets

    • Target

      48d192ac7197e3fcb1aa8d6b46a0cab2d41343e1630a190d4ca433b4eecddd3d

    • Size

      259KB

    • MD5

      a20d46664d06744d2515d69eeff57508

    • SHA1

      7c1dd71389b6661c36f7c0d64531d03c4e71fc29

    • SHA256

      48d192ac7197e3fcb1aa8d6b46a0cab2d41343e1630a190d4ca433b4eecddd3d

    • SHA512

      60bf71e7b80e447e2a9197ff365805d8e5e257b3f4f3787b6fb9940a9d40f710d5880f1910689d5f8cbe79cbbb1f4478afc6aa3eb134b61b3b741c4ab1e268cf

    • SSDEEP

      1536:ltPixznncp3vKONOI0Z/IY9Vt1jFmyBoI9uAnBSGFeXA9jJbZjwSrSMLDhKOzxf2:bPixnncpSONDyRTkwQAbOCzNx/TtOLf

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks