General

  • Target

    Zahlungsbestatigung.iso (file name is German, "Zahlungsbestätigung" = "payment confirmation", a typical invoice-themed lure)

  • Size

    994KB

  • Sample

    230215-pl7ggsbd9w

  • MD5

    eb92001a634da8d66ee035c0f6ce5e22

  • SHA1

    9c369cba6083700969906ac2486ef0ae071d30d7

  • SHA256

    b674ac7ebd7b4cc00b7350d3b6daed64e9d7399b39e9beb1944c7d63a9e11c98

  • SHA512

    d3afc229c41694c595927794eebf273626317f1a7291e53f63de06e42e855b1585441785fe84ff7f167da57488908fc9daed73bbedb8b00d8b48f27c6b921009

  • SSDEEP

    12288:ppCip2wbB2gB2iNdtQbTBeiTGiK4hl3YM+is3DQ8XFktwIbFA:ppCiHV2K1ntQb9V6Yta4twc

Score
7/10

Targets

    • Target

      Zahlungsbestatigung.exe

    • Size

      933KB

    • MD5

      f1d9d5c0b4a2f7974e9ec0440203b453

    • SHA1

      819b0e51990567c96d918566502c60c290628790

    • SHA256

      49fe1618c14d32183b774338d27a474d16e05519bb3967940fb33e6af06170f0

    • SHA512

      30425e0d4ceeaa48f10284545d29c89ce7d1a061d4eb86d90fc9446f83e3ac044a7d3b0c6c4f43ed25a3808e6118f83cd598b89ff64f0e2613a9c882bcf3c827

    • SSDEEP

      12288:ApCip2wbB2gB2iNdtQbTBeiTGiK4hl3YM+is3DQ8XFktwIbFA:ApCiHV2K1ntQb9V6Yta4twc

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check so the payload only runs on machines in a chosen region.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
