General

  • Target

    af3e6d76ca80b4db9c8218befeb3b85bf8545cf8277c13324ea870133ecb52ec

  • Size

    538KB

  • Sample

    221204-pgyzjsgg57

  • MD5

    7a6cee465502fd5c5ee9fa522f376310

  • SHA1

    294234c66b393a9f37dbd0d1096d5b627d3497ba

  • SHA256

    af3e6d76ca80b4db9c8218befeb3b85bf8545cf8277c13324ea870133ecb52ec

  • SHA512

    18617b1efaecc85f3f0383b972da48923a5b3d71f743a1b705dedb0b752550ec2570bd1b6e74e5d047c618ee3c63dc335d3f865b61b44ef4756a977abfe6614f

  • SSDEEP

    12288:6Yhcq8xzZTkQ4DDfO+lDp5QBooT3oDznHbUl0il67L5:BhcTZTaDfXNQCrPbGa/5

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

    • Loads dropped DLL

    • Drops desktop.ini file(s)
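
The five signatures above are what the sandbox derives from the sample's registry, file and process activity. The Python below is an added example, not the sandbox's own rule code: it re-implements those checks over a simplified, constructed `pid|op|path|detail` trace so the logic behind each verdict is visible. The registry paths it looks for (the VirtualBox `VBOX__` ACPI table keys under HKLM\HARDWARE\ACPI and the GeoID value at HKCU\Control Panel\International\Geo\Nation) are the standard Windows locations for those artifacts; the report itself does not name the exact keys this sample read, so treat them as assumptions, as is the trace format.

```python
import re
from collections import defaultdict
from dataclasses import dataclass

# VirtualBox stamps its OEM ID into the guest's ACPI tables, which Windows mirrors
# into the registry as HKLM\HARDWARE\ACPI\<DSDT|FADT|RSDT>\VBOX__ . Opening or
# reading those keys is the classic registry-based VirtualBox probe.
ACPI_VBOX_RE = re.compile(r"\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__", re.IGNORECASE)

# The user's configured country (a numeric GeoID) is stored at
# HKCU\Control Panel\International\Geo\Nation; a sample reading it for no other
# reason is the usual sign of a geofence. (Assumed key; the report names none.)
GEO_NATION_RE = re.compile(r"\\Control Panel\\International\\Geo\\Nation$", re.IGNORECASE)


@dataclass(frozen=True)
class Event:
    pid: int
    op: str      # RegOpenKey | RegQueryValue | WriteFile | CreateProcess | LoadImage
    path: str    # registry key or file path
    detail: str  # value read, command line, etc. (free text, may be empty)


def parse_trace(text: str) -> list[Event]:
    """Parse the constructed 'pid|op|path|detail' trace; '#' lines are comments."""
    events: list[Event] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split("|", 3)
        if len(fields) < 3:
            raise ValueError(f"malformed trace line: {raw!r}")
        pid, op, path = fields[:3]
        detail = fields[3] if len(fields) == 4 else ""
        events.append(Event(int(pid), op, path, detail))
    return events


def match_signatures(events: list[Event]) -> dict[str, list[Event]]:
    """Return {signature name: supporting events} for the five signatures in the report."""
    hits: dict[str, list[Event]] = defaultdict(list)
    dropped: set[str] = set()  # files written during the run, lower-cased full paths

    for ev in events:  # order matters: a file is "dropped" only once it has been written
        path_lc = ev.path.lower()
        if ev.op in ("RegOpenKey", "RegQueryValue") and ACPI_VBOX_RE.search(ev.path):
            hits["Identifies VirtualBox via ACPI registry values"].append(ev)
        if ev.op == "RegQueryValue" and GEO_NATION_RE.search(ev.path):
            hits["Checks computer location settings"].append(ev)
        if ev.op == "WriteFile":
            dropped.add(path_lc)
            if path_lc.endswith("\\desktop.ini"):
                hits["Drops desktop.ini file(s)"].append(ev)
        if ev.op == "CreateProcess" and path_lc in dropped:
            hits["Executes dropped EXE"].append(ev)
        if ev.op == "LoadImage" and path_lc in dropped and path_lc.endswith(".dll"):
            hits["Loads dropped DLL"].append(ev)
    return dict(hits)


def summarize(text: str) -> dict[str, int]:
    """Signature name -> number of supporting events, for a one-line verdict per rule."""
    return {name: len(evs) for name, evs in match_signatures(parse_trace(text)).items()}


# Constructed trace for the example; these are not events recorded from the real sample.
SAMPLE_TRACE = r"""
# pid|op|path|detail
4120|RegOpenKey|HKLM\HARDWARE\ACPI\DSDT\VBOX__|
4120|RegOpenKey|HKLM\HARDWARE\ACPI\FADT\VBOX__|
4120|RegQueryValue|HKCU\Control Panel\International\Geo\Nation|244
4120|WriteFile|C:\Users\user\AppData\Local\Temp\upd.exe|
4120|WriteFile|C:\Users\user\AppData\Local\Temp\helper.dll|
4120|WriteFile|C:\Users\user\AppData\Roaming\cache\desktop.ini|
4120|CreateProcess|C:\Users\user\AppData\Local\Temp\upd.exe|"upd.exe" /s
5532|LoadImage|C:\Users\user\AppData\Local\Temp\helper.dll|
5532|LoadImage|C:\Windows\System32\kernel32.dll|
"""

if __name__ == "__main__":
    for name, count in summarize(SAMPLE_TRACE).items():
        print(f"{count:>2}  {name}")
```

The "dropped" correlation is deliberately order-sensitive: an execute or image load counts only when the same path was written earlier in the run, so the kernel32.dll load in the trace is not flagged while helper.dll is. On a real trace you would key the written-file set by the sample's process tree rather than by path alone, since an unrelated process writing the same path would otherwise produce a false hit.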

MITRE ATT&CK Enterprise v6

Tasks