General

  • Target

    fab06c988ae1e8e242bcabf3e8237a732ea6632ce1a994039b3bd9569316ab24

  • Size

    72KB

  • Sample

    221202-gzlg6sdh3t

  • MD5

    4493208848b3f154ee9850cf5e3be0c0

  • SHA1

    f0d720050089c1aa16c1e5149a9056b2b1c6d2d5

  • SHA256

    fab06c988ae1e8e242bcabf3e8237a732ea6632ce1a994039b3bd9569316ab24

  • SHA512

    c893b76101ea396bd7c95e7e8b1b16d67b21b2e5a6f8183ad604c526c2884657a818443833a5174034095998ede4fa876671530705204fa4d1e26a949c5b5527

  • SSDEEP

    1536:+IK1UYxgU6kl+0sTSVYSN/4/xEKb6JVoNHIU9P6EnI:+nSYxgU6kl+0sTSVYw/4/xEKb6JVoNHq

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 3

  • Peripheral Device Discovery (T1120): 1

  • Process Discovery (T1057): 1

Tasks