General

  • Target

    d9318f0be41564bf6c33614d27fbcd97a11b3aec7c128fab62f75a123e3d920e

  • Size

    56KB

  • Sample

    221204-a54sdafh6s

  • MD5

    a91fe0d26b0af6b1dabe09967a695b11

  • SHA1

    49a9f02b485c99cb32c3658e6c5e3c943c9165be

  • SHA256

    d9318f0be41564bf6c33614d27fbcd97a11b3aec7c128fab62f75a123e3d920e

  • SHA512

    a33ba44aa2845b95498d45e11222b8bf642179d53d168bfde086c4ebc5d07c21d2e91ada732a5b6db78a3fdb6bac8fd137a1baa813bee23872d50f195dd93f6b

  • SSDEEP

    1536:EXAj4d9lZXp0RuoOlabXAdWE+4OnFokNx3aGGgo:Nalr0fOeXAdWEuXNxqGXo

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks