General

  • Target

    Bilgisi_1.gz

  • Size

    795KB

  • Sample

    230513-pjkjyaae3w

  • MD5

    7804793935de36b98c46c35b202bfa44

  • SHA1

    62cd727548303fdb247d895f91c71430a4cece03

  • SHA256

    f6e55c114a31f49d73ce4fc873794047c3430ad1b831eeff9cbec08cb59687c9

  • SHA512

    7b5d0d2d5e0fed548de394effa9ec16c8d497cbf00b42ae6d8155f1932724e785c16aaabfa0876c1894797ba5f11cdfcd19a90433db64f2e74acf78df59ae2cf

  • SSDEEP

    12288:fxR4g66mysX1cIV1aN1dACD2aXIq+ZFxt2AXJP71+9ZoF9GZHXPpemTIMdR/2:AgfsX1LCSpZ/t2y9GZHXER

Score
7/10

Targets

    • Target

      Bilgisi.exe

    • Size

      911KB

    • MD5

      4051c8645d60804d075cc15199d367a9

    • SHA1

      6d72877d4062198c763b5002f6756d4c6ffaca19

    • SHA256

      ba32b88272d740492397598f40465cc2133265a5bc06cd58fb42a10480a4d6db

    • SHA512

      1081a24245bf41c5a4c5c3c4c1091b4cb1d00226c54d623a20a79767f027af71f5b2bee7764c19913c429072cde9b3e03a937da112550dc925a4e44e40f8617e

    • SSDEEP

      12288:NcrNS33L10QdrXjrDngL0B1aN1BAuD66XIq+bFxn2AX3P7h+9ZGFDGZlXlpumTI/:wNA3R5drXnDgLIuOJb/n2qDGZlXqrRt

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
