General

  • Target

    file.exe

  • Size

    4.0MB

  • Sample

    221223-vppnqsca3z

  • MD5

    76799b73e771aa410a5d7c99af506bbc

  • SHA1

    c1be41e0dc5469a236a26a8f8ee95eb7c7f523a6

  • SHA256

    b755cccc5f6ac4b9c0d40f94d842f2d810b19324f95989250e88ecec01659845

  • SHA512

    f5dac66b9ecd7c3627101f6cd4feffc84ea5884d2c7db07a220da798844c4136c3e37e52b74325a62b03ca90a2f62ce3a3f068924a6c56069d7ed85f50bc5d92

  • SSDEEP

    98304:MddUP24zAY2rnBsOjUCm1QgFYinSmWKWnfQ5yeep4Y3aN+6:MddY244rzjZC8KWYYzpLqN+6

Score
8/10

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
