General

  • Target

    09e61eb3f5951880bf0bd3dd5.bin

  • Size

    808KB

  • Sample

    230630-ngkw9aha54

  • MD5

    4c5f18c4069194b9b7a73eaf4f09a4a3

  • SHA1

    624e7939d918381cd67b764c928cd82e910a6708

  • SHA256

    864dd6c8eda6e622fb9e08022f76efe6551bc8c4df64216eb9abd7552b192a56

  • SHA512

    1d21d47957b2d534474eb518ece167a94c374a9d10ed1988aaa4f3ed467dd5e59feb55c19d429a82b9711f577548eddc6d1a25ad5d5593a2ef537cba4b78527f

  • SSDEEP

    24576:a444HwalOgWw1VEmRZhow4a3mRgkAGsSxB:aXjaQgWw1VEaZK63mRwG9

Score
7/10

Targets

    • Target

      a4df733d5bc4d0c50249f228bd100ac4bffd19a330d57363039a1d0f18bd56f0.exe

    • Size

      1.4MB

    • MD5

      09e61eb3f5951880bf0bd3dd5d11e147

    • SHA1

      7c3d7f87a30a11b3c712ceeb6a8ea210bd9b4c32

    • SHA256

      a4df733d5bc4d0c50249f228bd100ac4bffd19a330d57363039a1d0f18bd56f0

    • SHA512

      3c7f6099f921cc1aaf3930247ef0faf138a653931e21e5104ae7c0cdfe4e8a2f4cfb41dd72396d189700c8fe4d8b6fb9c4caed6ca18178c2d43b0f0abf0ebce2

    • SSDEEP

      24576:qhp8fcSXj38idpKHJUeXZYkjm061M95J5p67f8CNTJApJdF8mY1HESHe8Az97LFp:+p8fcSXj38iuJUeXZYka061M95p67UgE

    Score
    7/10
    • .NET Reactor protector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
