General

  • Target

    indent- 40120517.zip

  • Size

    277KB

  • Sample

    230531-h931msdh9v

  • MD5

    84ed99aa697d4253df761cca7d4c2334

  • SHA1

    e3adf9376f6b7d019cc7c1589eef986ccd76a7ac

  • SHA256

    1e7fb87cf1590c576f83a7d53ab647076d64417277867c3d8f1c19d85d444dbf

  • SHA512

    20723326fa2b1a2ef4ff6bf6d095a43e924604b6a32289e42c96a5c3ecf5259e4c0ce97600a04aa7c5aa524a3efbf26e5ee49aa3be7bfd489bbc039940369ae5

  • SSDEEP

    6144:zhZlzAdqk9Xcj1K9CauZBpcSBSVsT/MFQW81fOMd/e7wARDLRo7yuO:zhYt9X9CauZB2SBOUSY1mMk8ARDlkyuO

Score
7/10

Malware Config

Targets

    • Target

      indent- 40120517.exe

    • Size

      302KB

    • MD5

      313524e6258ef1bdb3a175c90a0b2455

    • SHA1

      cea80ba15c62c703665c556316cbbc2a0a9a8bf9

    • SHA256

      57b9e598a2344a9f11ea57e9def885d0548034bbfd7020c697770bc68d12660d

    • SHA512

      05256d66284ff44e34127ef521309160c7e9c7f09cf77cf1038da858733d6c2e0ebf1fdfdab2dfa30501976d819c20b915157f48a9d12b77866d4f25c0f966ff

    • SSDEEP

      6144:AYa6F09XGjbm9UAuN3p+SBSV8T/kFQW81/OMdb27wAn7xRo7G5l:AYn09b9UAuN3ESBOEaY1GME8An7PkG5l

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
