General

  • Target

    6a8fece9be5ac03498418c8af5c6aece

  • Size

    271KB

  • Sample

    230320-angaraag88

  • MD5

    6a8fece9be5ac03498418c8af5c6aece

  • SHA1

    606c588636eed1bc7edebc7ac3ce19e7b79d2cb6

  • SHA256

    e87ce4880bcd4b1e7236c27a286db8f08f1b96d9135a61f91009ec11583c13e5

  • SHA512

    e3b82a6731879d38e160ce3121e339bc4f5b3bbc3266c99e12a413061a3a7768d4913c20096b4dd17ef7f62f2e0008693fedda6de870ee335874bf3ddc21628a

  • SSDEEP

    6144:/Ya6fiDubloeu2NxgovVkHmSQM6mHkDFEr70S4jzaWyAAFLs1TkDjh+60w:/YViD6oTyxgovWGjM1DH0vs3l2k/h+/w

Score
7/10

Targets

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
