General

  • Target

    2345explorer_50889140818.exe

  • Size

    70.4MB

  • Sample

    230601-gh2stsdc8v

  • MD5

    478e9c15d8bc1c80eeb67b8564348f7a

  • SHA1

    c8a415af1394dc7da0c83015af370938222a8e76

  • SHA256

    0ef03cadf05e1ea17d389296296fe7c04870a11baa524a6dfc78969cdd6b481d

  • SHA512

    5a8f9d3872cbada8a0ce6d5fc9d826c088221532c9fb67cfea118512ddc32c3e3e9b66d1144b7054856903624c4f5614265dfe6e679c203ae9ed89701d4324b9

  • SSDEEP

    1572864:bVt66jZ+b2eoA381hxahaBQj67y8KFNy56kia6xWDvo8Nj41EcR8DXiODE:bVtBFJASxab9y56I6UbNjkE5I

Targets

    • Target

      2345explorer_50889140818.exe

    • Checks for common network interception software

      Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

    • Drops file in Drivers directory

    • Sets service image path in registry

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence to decide whether to run.

    • Drops file in System32 directory
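
The five behaviour signatures above are each a pattern over the registry and file operations the sample performed. As an added example, not the sandbox's own signature code, the script below applies the same five checks to Procmon-style events so an analyst can re-derive the verdicts from a raw trace. It assumes a simple event model (process, operation, path, detail) and uses the standard Windows locations for these artifacts: the Uninstall hive for installed products, HKCU\Control Panel\International\Geo\Nation for the configured country, and HKLM\SYSTEM\CurrentControlSet\Services\<name>\ImagePath for a service binary. All events, the process name "sample.exe" and the service name "svcxyz" are constructed for the demonstration.

```python
"""Re-derive the sandbox behaviour signatures from Procmon-style events.

Added example, not part of the sandbox report. Event records, the process
name "sample.exe" and the service name "svcxyz" are constructed sample data;
the registry key locations are the standard Windows ones.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    process: str
    operation: str        # RegOpenKey, RegQueryValue, RegSetValue, CreateFile, ...
    path: str             # registry key or file path as Procmon shows it
    detail: str = ""      # e.g. "Desired Access: Generic Write"


# Product names the signature looks for under SOFTWARE / Uninstall keys.
INTERCEPTION_TOOLS = ("wireshark", "fiddler")
# HKCU\Control Panel\International\Geo\Nation holds the configured country code.
GEO_NATION = re.compile(r"\\control panel\\international\\geo\\nation$", re.I)
# HKLM\SYSTEM\CurrentControlSet\Services\<svc>\ImagePath is the service binary.
SERVICE_IMAGEPATH = re.compile(r"\\currentcontrolset\\services\\([^\\]+)\\imagepath$", re.I)
DRIVERS_DIR = re.compile(r"^[a-z]:\\windows\\system32\\drivers\\", re.I)
SYSTEM32_DIR = re.compile(r"^[a-z]:\\windows\\system32\\", re.I)

READ_OPS = {"RegOpenKey", "RegQueryValue", "RegEnumKey"}
WRITE_OPS = {"RegSetValue", "RegCreateKey"}
FILE_WRITE_OPS = {"CreateFile", "WriteFile"}


def classify(ev):
    """Return the signature names one event matches (possibly none)."""
    hits = []
    low = ev.path.lower()
    # Registry read of a key naming an analysis tool under SOFTWARE (Uninstall or vendor key).
    if ev.operation in READ_OPS and "\\software\\" in low and any(t in low for t in INTERCEPTION_TOOLS):
        hits.append("Checks for common network interception software")
    if ev.operation in READ_OPS and GEO_NATION.search(ev.path):
        hits.append("Checks computer location settings")
    if ev.operation in WRITE_OPS and SERVICE_IMAGEPATH.search(ev.path):
        hits.append("Sets service image path in registry")
    # Only file opens/writes with write access count as a drop; read-only opens of
    # System32 DLLs are normal process start-up noise.
    if ev.operation in FILE_WRITE_OPS and "write" in ev.detail.lower():
        if DRIVERS_DIR.search(ev.path):
            hits.append("Drops file in Drivers directory")
        elif SYSTEM32_DIR.search(ev.path):
            hits.append("Drops file in System32 directory")
    return hits


def triage(events):
    """Map signature name -> matching events, in trace order."""
    report = {}
    for ev in events:
        for sig in classify(ev):
            report.setdefault(sig, []).append(ev)
    return report


# Constructed trace: one event per behaviour plus two benign lines that must not match.
SAMPLE_EVENTS = [
    Event("sample.exe", "RegOpenKey",
          r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wireshark"),
    Event("sample.exe", "RegOpenKey",
          r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fiddler2"),
    Event("sample.exe", "RegQueryValue", r"HKCU\Control Panel\International\Geo\Nation"),
    Event("sample.exe", "CreateFile", r"C:\Windows\System32\drivers\svcxyz.sys",
          "Desired Access: Generic Write"),
    Event("sample.exe", "RegSetValue", r"HKLM\System\CurrentControlSet\Services\svcxyz\ImagePath",
          r"Type: REG_EXPAND_SZ, Data: \SystemRoot\System32\drivers\svcxyz.sys"),
    Event("sample.exe", "CreateFile", r"C:\Windows\System32\svcxyz.dll",
          "Desired Access: Generic Write"),
    Event("explorer.exe", "RegQueryValue", r"HKCU\Control Panel\Desktop\Wallpaper"),
    Event("sample.exe", "CreateFile", r"C:\Windows\System32\ntdll.dll",
          "Desired Access: Generic Read"),
]

if __name__ == "__main__":
    for sig, evs in triage(SAMPLE_EVENTS).items():
        print(sig)
        for ev in evs:
            print(f"    {ev.process}  {ev.operation}  {ev.path}")
```

Against a real Procmon CSV export the same rules apply once each row is mapped onto `Event`; the write-access filter on file operations is what keeps ordinary DLL loads from System32 out of the "drops file" verdicts.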
