General

  • Target

    AWBX5290160308.ace

  • Size

    276KB

  • Sample

    230712-qfhrlsec7v

  • MD5

    3fc8213f5d6626c3c72b8dd00246a8cd

  • SHA1

    ca0f8a9ea05633e4f16a6fc3739ef746f9a8ffc5

  • SHA256

    7e690d444517ef7b03efdac704bfbbbe2c66a79b9deaaf41acbcca7b9f63296d

  • SHA512

    33359efecf3310b37a0a9c142b8457bca625edb963fcd8517caa161f06d88ade994ea801ce52f3c259543b695b2fa299364d11e1890eb46fe911f7ec960a6efd

  • SSDEEP

    6144:D5nXhrTGIMT1ffSmXplndACU1maguO3/F7MJXyGIg88C8+GbMtOI:lnXhrCXfzXpkJga1+JEiGuT7

Score
7/10

Targets

    • Target

      AWB 5290160308.exe

    • Size

      291KB

    • MD5

      1a0c4ae0300480337ba38f533cb5af18

    • SHA1

      9c1fa21bb5aae368ecf84bd3843495da7f5c837e

    • SHA256

      2cc3c1b87813c1f2562f73c417fcaac945fff4696048f8cc5003e8127c457081

    • SHA512

      6655596e1220c71198298189ed8c444d4e9f869b8bdea90318bda8c405032a48133e4d6f468a56371ff18587c9126bb76bc34ed8d1c22ca4105ceac48cc77069

    • SSDEEP

      6144:/Ya6oveyONi0uwCcArEPMrqqCj/Vatg+sF/aZReO7qIFkUB:/YmGfNi02rTrqqu0tbsJ0UIFkUB

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
