General

  • Target

    7d9df5194582b70f8c4a6495c0aa7bb5028e6783f7c28d5b13f619d13c0e3bda

  • Size

    20KB

  • Sample

    221203-acs56sbd2z

  • MD5

    9da52e07710db9ff5033452486f21b36

  • SHA1

    ea738dd477c2bc8857942d7a113a2d41c1f69034

  • SHA256

    7d9df5194582b70f8c4a6495c0aa7bb5028e6783f7c28d5b13f619d13c0e3bda

  • SHA512

    51a82da5de7940012d8780cdbf7e56e73fef6cceaab346909216c425bb8f6bd76cf47ea4ce5d21ec33e7cfc4062f4ebf8923ccafc494f75dc077caa0950229aa

  • SSDEEP

    192:1l5E3krTuntKy0peHDfCpHfBv+I4QwXt9V+jqu0G5KDJBh:1M3PnQoHDCpHf4I4Qwdc0G5KDJn

Score
8/10

Targets

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
