General

  • Target

    d35cb14938abf1a4cf388e0665d34c4c61b3008a7c2a70bb70348bd19ceaa60d

  • Size

    238KB

  • Sample

    221129-shwscsdg4x

  • MD5

    b4c09f813a2fffe61e7a04649b5c0db1

  • SHA1

    146063c158f97d436a2110ddb84a6416abb11731

  • SHA256

    d35cb14938abf1a4cf388e0665d34c4c61b3008a7c2a70bb70348bd19ceaa60d

  • SHA512

    36832f2538a8df7b7038395e807c07f229f1a6c3b7c4a47412984956cc5ddc70bec9d0697c4917e82993c753159d7fe89ab460b713ee1b37713468c8598a5966

  • SSDEEP

    3072:pBAp5XhKpN4eOyVTGfhEClj8jTk+0hUy8FlDv+Cgw5CKHm:sbXE9OiTGfhEClq9v1mJJUm

Score
8/10

Malware Config

Targets

    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks