General

  • Target

    b971f98765e2ef41c89b2cf3a15e9ccb7d7cf68a1bc560629ecc0771c5a48a18

  • Size

    165KB

  • Sample

    221202-3hgnjsec79

  • MD5

    81fd42a8f9429ae57addcec944cc0b58

  • SHA1

    3dc0b6f36b1fd7572280d7797c7b787e544275f7

  • SHA256

    b971f98765e2ef41c89b2cf3a15e9ccb7d7cf68a1bc560629ecc0771c5a48a18

  • SHA512

    1f2f017d8c44cf3fbbdb620bb1d3eaf9a3c4bf4e6e90081c5d8581421ec416ba1c2b3b6df50d27c8ed4c68e09283a6acedf301420f00cba78b414c1e76c822db

  • SSDEEP

    3072:GJWurz3uhFxi2Gjc9UzPJPnXeVhJ6bF/M/5gdSC5apVyctuuJ9+QSXM:GJWez3ur4jcmzBOV7eyy8CWVhrr4c

Score
8/10

Malware Config

Targets

    • Target

      b971f98765e2ef41c89b2cf3a15e9ccb7d7cf68a1bc560629ecc0771c5a48a18

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks