General

  • Target

    64b5c664ca8ac53874742ea0d25df2579d5dc7458a40573ce32854f81b614992

  • Size

    2.2MB

  • Sample

    230708-yfap1ahf36

  • MD5

    6f0c3d6e3ce7d1c01f84081024bae0cd

  • SHA1

    44b5650287ac6dcbb55caa2f6d9a95d768b4ef3c

  • SHA256

    64b5c664ca8ac53874742ea0d25df2579d5dc7458a40573ce32854f81b614992

  • SHA512

    3103628e8501bd55aa3140efa319596dc4c60525b97078ef5e6ec4ab34b82c797f06a8f718c194887e6e4d7142aed05ea9f953a78ca0eac98fbd634a68841c1c

  • SSDEEP

    49152:3DQv3k0lhqNRt9fKJNCiB3koxaWkboakNZ4:zQ/k0DYRt9CJNCZWaoBo

Score
8/10

Targets

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
