General

  • Target

    29fb7632d7e495f0f9f23524d130fd81.exe

  • Size

    305KB

  • Sample

    230215-qy7tfsbh95

  • MD5

    29fb7632d7e495f0f9f23524d130fd81

  • SHA1

    6fab23aec1df3c36755707bc7fe15da370e2776a

  • SHA256

    da5007b3da914a87cb0b8cb4540b59d08761aeddf058f09aea3b854c43c69bae

  • SHA512

    67f1d51f51a8018a9d1bf3e92bfe745720e95655281a250e945043819ea849fe50e78e4ad8671dec1e1b2f5380f44e288eb73df87110cbb221b5b5c1b63a40a1

  • SSDEEP

    6144:/Ya6H1VsdE/dfnLAthYJpvak1cITgTo+BGms2uOUSgxo/o7LWFfXgwSXbOU0d4wE:/Yl3wgdfLUmJNJqI8NY50ofg4wSKU0WJ

Score
7/10

Malware Config

Targets

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
