General

  • Target

    Proof Of Payment & Proforma Invoice.exe

  • Size

    250KB

  • Sample

    230308-sv7qdsbf2x

  • MD5

    6b345cea35b215d9ec425e8e296d0a69

  • SHA1

    feef635ed40ebe4433775162448093a4c9bd8ae5

  • SHA256

    bf71631457bec8633d10c816bfa914ef51bee4acda9a37c2613697976a21decb

  • SHA512

    84cd410f471dcfe36754bd1f0da43c6571a086aa844a2e30da020207eea28e312e3750f0f85b6369b93c8f0327dc03a161f58142a5c1bb48c28170e1e75f5651

  • SSDEEP

    6144:vYa6ax8wmLesKidsPTAuYezNsrlHt0YW7oZD:vYcmwmLeFkzezNuttJWkZ

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks