General

  • Target

    de4b7e1403e683bb1f73e248c2c65ad2.exe

  • Size

    385KB

  • Sample

    230217-e81bksdg58

  • MD5

    de4b7e1403e683bb1f73e248c2c65ad2

  • SHA1

    d0dbba2fdafa673e47e51808a7ef0d7ae66f38d4

  • SHA256

    79ae6681fe6fdf1d7810a3bf37811b7c49f706ca0f4c04ab719633f924f727ad

  • SHA512

    762adab97915a42e7b78ec71240bfc84af2a1110868d8aec2babc4e929c673a656abf8e20ad79efc404af010e44cfd305c955553142d951c916f2be006129c54

  • SSDEEP

    6144:FYa6ivdcKL2XHUvHciNxr14E5ltY1+v3Hr0xaKyLI9XrXV0pbezngKAz:FYUiUVPXr1vTS+v3Qa/LwrecNAz

Score
8/10

Malware Config

Targets

    • Target

      de4b7e1403e683bb1f73e248c2c65ad2.exe

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks