General

  • Target

    WinToolkit_1.7.0.15.7z

  • Size

    4.7MB

  • Sample

    230326-bwyqfafa85

  • MD5

    255655cedd7cafbdd7c97cd673686ec2

  • SHA1

    2a4e6b779152bdca9de39ef65a876c0a3143f687

  • SHA256

    1689f64e86ddd497dcb845f9f4a41d09804a4599192d0827e734adc8659ae847

  • SHA512

    d63a04cc5a07e04465cdaf8a2b4378d958f2fe60cb950ff2f63a3bf53f859d9b23e51831d750461bddf9d2af5649e8b22408aa6ea8f6661ca9d479da0b08da0b

  • SSDEEP

    98304:lXi4oVK+fHp1641PuzpW0Mu41NaF/I9FRfQEc1r39+uM:lXoHw41PuzpPbgS/I97qNt+uM

Score
7/10

Targets

    • Target

      WinToolkit.exe

    • Size

      17.1MB

    • MD5

      86e3765bd385c07ee8130bcc8818b0f7

    • SHA1

      3132600be547a702097dbd92d852c0e2d9893086

    • SHA256

      9df3185347ef7d85e2252dbb233369bd1183bf969e65413d07867cb6975509ab

    • SHA512

      ebca9fc505e6357349c92e971fcc55a2e3db2fac1abe0bac22a7d296e10957f9c28cef2c76841dc8ef8bd2bf497bec144df6284cb2c8628d738b3627670ae1e0

    • SSDEEP

      393216:Rn2R47DAB2HsdCjoZO/0Va7yMDudoP65kL2FA3CBcTeN4fKp0bm1QHSxsjO9Iva3:Rn2R47DAB2HsdCjoZO/0Va7yMDudoP6X

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops file in System32 directory
