General

  • Target: rSHIPMENTGEORGI.exe
  • Size: 252KB
  • Sample: 230505-pw6myaae82
  • MD5: 415c5beaaff6543a0f5559bc10789f36
  • SHA1: faca3834ce2516d6a43a2c9a154fa9a0a50674c2
  • SHA256: 235d7cb7d2d35ad991f67311975965620376148951b68725519f723e6a795610
  • SHA512: c9e82197dacb6049a1f33370df7e6d9f53a123a2620bb08e9cc5b3946f55eeb50c9305f8cd7d4d7b6af4d218ff0577f99549bab442718b7d2beb7ecdd19bffe1
  • SSDEEP: 6144:vYa66lYhg1lRNQvOzZZPR6TOA10XBeeoxE4nG3J8KdmeGon:vYMlYhWlRNQv0RgR814nG3J8KDd

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
