General

  • Target: 003737.cab
  • Size: 275KB
  • Sample: 230606-gyzcmscg6z
  • MD5: e1a3106f748936635720e92df26b7235
  • SHA1: b57bfe227ae17386ed6015857b7947a11367f200
  • SHA256: 474eca1ef80533c60080a208a15b3f8f3a73d0e8cc1af138f07272a6bc178f7c
  • SHA512: 6518d3d6fe95400c406e15e0d9c1d09e722625f7e2cff91ab32b14e9bd71dca7c5c666a4d287fd8027dd29a6f0ffac1527475ce10f2ed616c2cee5749036ba02
  • SSDEEP: 6144:VK89CVCXbCjT9OV9VXh5MMzmzN318BCl6XoSC9P8Pw6CX0Zi:g89/sT9O9BYOJ4/Ywci

Score: 7/10

Malware Config

Targets

    • Target: 003737.exe
    • Size: 300KB
    • MD5: d93dd4200d1997c9b734bc2b1de77dc8
    • SHA1: 9b96aa19510fd49e13d394017284c325ea81dc7c
    • SHA256: 12a06c74a79a595fce85c5cd05c043a6b1a830e50d84971dcfba52d100d76fc6
    • SHA512: 9aacc357225cc8462dc6ebdb4c93528ec28796b847788e645865b2a987e501f57cb4c3ba3cc3894971c3a6fc6dc1f3ad207399f7078cdea388629c1c8987e6cf
    • SSDEEP: 6144:AYa6rb6wHR86N8RbEpztPAZ3IZUOGAdHwWM0g4uGFzq8Mh:AYJbFx86CBEe3Il/LpXukQh

    Score: 7/10

    Behaviours:

    • Checks computer location settings: looks up the country code configured in the registry, likely a geofence check.
    • Loads dropped DLL
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks