General

  • Target

    Invoice.exe

  • Size

    288KB

  • Sample

    230712-g5gq6sdb7x

  • MD5

    b6a83e939d77b59e15d211d4643422df

  • SHA1

    2d0fae89ba336d08b690b88b365a51cf5f258799

  • SHA256

    84291d10881f84cd06dd28dc30dfe76d6b8c8920f0dc63e7b068a5a03699bd90

  • SHA512

    53f6ab93f6309441b1ad0911d94622e835b28a261f8c9695d8906f62453563d4d10c56d4b7232733e2c1128d337eca198d4da00c882ddf0fc9ddde867aee01d8

  • SSDEEP

    6144:/Ya6y3oXELs2URiSsD+KcYOZrPp8KfCeM9QFBHyH3jzZk1oATFQ:/Yk3o0A2UR71ZZrPpzC88TdZATq

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
