Overview

overview

9

Static

static

b9adae6557...3b.exe

windows7-x64

9

b9adae6557...3b.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b9adae655706a8faf20953c3abe5d9212aede0822a90bc9b69b4d9f1d352d83b

  • Size

    353KB

  • Sample

    221127-v1f6qsee76

  • MD5

    482984489450e7e582492ebb6f8743e6

  • SHA1

    82155522f5b61b90dd5700c2365f4d1b4125ec11

  • SHA256

    b9adae655706a8faf20953c3abe5d9212aede0822a90bc9b69b4d9f1d352d83b

  • SHA512

    be01d761ece0d3b00634031be6773b5dfd543f5a0c427bf3b94645503bc5c98672db65c619e96fa16903e169e299352e176b5ec731fd2852494a7c88b874ee01

  • SSDEEP

    6144:qK7hBDO7gNSXo551EgMOK/Vmju+MokGwiquFeoQ3z3T4Qmw:rTO7gNN556gcuu+MokvMevz38w

Score
9/10
persistence

Malware Config

Targets

    • Target

      b9adae655706a8faf20953c3abe5d9212aede0822a90bc9b69b4d9f1d352d83b

    • Size

      353KB

    • MD5

      482984489450e7e582492ebb6f8743e6

    • SHA1

      82155522f5b61b90dd5700c2365f4d1b4125ec11

    • SHA256

      b9adae655706a8faf20953c3abe5d9212aede0822a90bc9b69b4d9f1d352d83b

    • SHA512

      be01d761ece0d3b00634031be6773b5dfd543f5a0c427bf3b94645503bc5c98672db65c619e96fa16903e169e299352e176b5ec731fd2852494a7c88b874ee01

    • SSDEEP

      6144:qK7hBDO7gNSXo551EgMOK/Vmju+MokGwiquFeoQ3z3T4Qmw:rTO7gNN556gcuu+MokvMevz38w

    Score
    9/10
    persistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks