General

  • Target

    Fluid-V2.5.exe

  • Size

    17.5MB

  • Sample

    230322-bqeqdaga9x

  • MD5

    0640a8c9a196dbb169089d9a7f408c88

  • SHA1

    7805e03d28727543d89a4a5676b0d80b150247d0

  • SHA256

    2f359e5b5191e6094c6ab9de254018f39a2e8e1a7ff5a9acc24d479454d934a1

  • SHA512

    8f69f4014546deebfc7ce1e3da2e6f673345c87e81c5d67cf541dbc76cec86a8dd478bc7ebe0063860388f0b67e8aed182cdfc05fec9a4da1a08121d16e5a280

  • SSDEEP

    24576:IO3Iuyf9ToGvlZvM0rnf3BeuVePTwqGoWKhMC0V7RkoejpdZfji81s+y9ekUeD8:zFc0+MXwq3zTtjzfXE

Score
9/10

Malware Config

Targets

    • Looks for VirtualBox Guest Additions in registry

      The Guest Additions registry key only exists inside a VirtualBox guest, so probing for it is a common analysis-environment check.

    • Downloads MZ/PE file

      A response received over the network carried a file beginning with an MZ header, i.e. a Windows executable.

    • Looks for VMware Tools registry key

      As with the VirtualBox check above, the VMware Tools key is only present in a VMware guest.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

      A file the sample wrote to disk was subsequently executed.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
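The registry probes listed above are the kind of activity a triage script can flag automatically from a sandbox or Procmon registry trace. The following is an added example, not code from this report or from the sandbox that produced it: it maps constructed, pipe-delimited trace lines to the signature names used above. The registry paths in the patterns are the locations these checks usually touch and are assumptions, since the report does not state which keys Fluid-V2.5.exe actually read.

```python
"""Flag the registry-based environment checks named in the report
from a registry access trace.

Added example; the trace lines are constructed and the registry paths
are assumed, not taken from the sample.
"""
import re

# Signature name (as in the report) -> pattern over the normalised,
# lower-case registry path. Assumption: these are the usual locations
# for each check; the report does not list the exact keys queried.
SIGNATURES = {
    "Looks for VirtualBox Guest Additions in registry":
        re.compile(r"^hklm\\software\\oracle\\virtualbox guest additions"),
    "Looks for VMware Tools registry key":
        re.compile(r"^hklm\\software\\vmware, inc\.\\vmware tools"),
    "Checks BIOS information in registry":
        re.compile(r"^hklm\\hardware\\description\\system\\"
                   r"(bios\\|systembiosversion|videobiosversion)"),
    "Checks computer location settings":
        re.compile(r"^hkcu\\control panel\\international\\geo\\nation"),
    "Maps connected drives based on registry":
        re.compile(r"^hklm\\system\\currentcontrolset\\services\\disk\\enum"),
}

# Constructed trace in a Procmon-like, pipe-delimited layout:
# pid | operation | path | result
CONSTRUCTED_TRACE = r"""
# pid | operation | path | result
2104 | RegOpenKey    | HKLM\SOFTWARE\Oracle\VirtualBox Guest Additions | NAME NOT FOUND
2104 | RegOpenKey    | HKLM\SOFTWARE\VMware, Inc.\VMware Tools | NAME NOT FOUND
2104 | RegQueryValue | HKLM\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | SUCCESS
2104 | RegQueryValue | HKCU\Control Panel\International\Geo\Nation | SUCCESS
2104 | RegOpenKey    | \REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Services\Disk\Enum | SUCCESS
2104 | RegQueryValue | HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName | SUCCESS
2104 | CreateFile    | C:\Users\victim\AppData\Local\Temp\update.exe | SUCCESS
"""


def normalise_path(path: str) -> str:
    """Lower-case a registry path and fold the hive spellings seen in
    user-mode (HKEY_LOCAL_MACHINE) and kernel (\\REGISTRY\\MACHINE,
    \\REGISTRY\\USER\\<SID>) traces onto the short hklm / hkcu forms."""
    p = path.strip().lower()
    p = re.sub(r"^\\registry\\user\\s-1-[\d-]+", "hkcu", p)  # strip the SID
    p = re.sub(r"^\\registry\\machine", "hklm", p)
    p = re.sub(r"^hkey_local_machine", "hklm", p)
    p = re.sub(r"^hkey_current_user", "hkcu", p)
    return p


def parse_trace(text: str):
    """Yield (pid, operation, path, result) tuples; '#' lines are comments."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        pid, op, path, result = (field.strip() for field in line.split("|", 3))
        yield pid, op, path, result


def classify(text: str) -> dict:
    """Return {signature name: [original paths that triggered it]}.

    The lookup attempt itself is the indicator: a NAME NOT FOUND result
    is what the sample sees on bare metal, so results are not filtered."""
    hits = {name: [] for name in SIGNATURES}
    for _pid, op, path, _result in parse_trace(text):
        if not op.lower().startswith("reg"):   # only registry operations
            continue
        norm = normalise_path(path)
        for name, pattern in SIGNATURES.items():
            if pattern.search(norm):
                hits[name].append(path)
    return {name: paths for name, paths in hits.items() if paths}


if __name__ == "__main__":
    for name, paths in classify(CONSTRUCTED_TRACE).items():
        print(name)
        for p in paths:
            print("    " + p)
```

Only the registry operations are considered and the result column is deliberately ignored: on a physical host every one of these probes returns NAME NOT FOUND, which is exactly the outcome the sample is looking for, so the attempt is the signal. The benign ProductName lookup in the trace does not match any pattern, which is the false-positive case to keep in mind when widening the patterns.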

MITRE ATT&CK Enterprise v6

Tasks