General

  • Target

    bf06b230800b247480122519febf9b1b.bin

  • Size

    252KB

  • Sample

    230428-cbl2ksda5t

  • MD5

    c2e0eb1567f2da22edade48da78dcce8

  • SHA1

    69d4834d9ea686149bc16728494767240f6aa975

  • SHA256

    710d15e8864d825c4e5c0c00d2e60ba37cbaad78c9166869f915e6a19c20b5fa

  • SHA512

    eb5d2ae77f8535ce179e4ec371a08576257419a625e401525ad4d9df9dd49a6cc7b3179e55722a0538053346986190a6e6041a0937ea9ccfb84332fd29cb0dc2

  • SSDEEP

    6144:6t4uBM/pzyRpTQt5BWdGMGZzBBq708IRqCmR:6hM/pzyR6cGMGZFBR8IRI

Score
7/10

Targets

    • Target

      00d3d0c49343dba533737e4a17cf453697aa569b00d07deb2cd7688c66d88ada.exe

    • Size

      266KB

    • MD5

      bf06b230800b247480122519febf9b1b

    • SHA1

      39131291b747c87b25ac36b8d9c27afe55d3b628

    • SHA256

      00d3d0c49343dba533737e4a17cf453697aa569b00d07deb2cd7688c66d88ada

    • SHA512

      23d7a29fa3687bf767fbfef227f3e55fb08652822a957bbfe7a95cb9246f73a74fa936c9f78a8b6118b25bccb75ebebb0ea680d5594c72907811bb24e6acf7de

    • SSDEEP

      6144:PYa6xF99EDoKzKKslaPQsZbfSr+URvU+31XtD71erCXy4pRGjspnY2E2:PYT/eDoJJsZbfSl93Rxzy4pRj1FV

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
