General

  • Target

    Invoice.rar

  • Size

    272KB

  • Sample

    230713-hccr7age7s

  • MD5

    9daefc1eae8fdadcf509d8eab425cd66

  • SHA1

    afcce8bf90602288a12ae77f8e092bb9c3df3737

  • SHA256

    e931dd3e90929590cda8e72e0bb076ac67141e6fd74c60e7e890d496c39f792c

  • SHA512

    d3e220ccf9e3f370a8c7031ab8acf0e7680df5babab1e9eee9389987422bd4c0f2b680d9393ae991af504fd5d5d79a358115afc8f4028df1b7f8417249116215

  • SSDEEP

    6144:muFeasw1Tnr79L5tUjHDh7OGwOvUgTeoHLz3vA:jUar9VCjHFKGRvUGPY

Score
7/10

Malware Config

Targets

    • Target

      Invoice.exe

    • Size

      288KB

    • MD5

      d523e46bde57fe8757be9a9d0621a848

    • SHA1

      8ab09f55a4171d31de3e0f26cbea3f24b278db4a

    • SHA256

      38c1c1705e3b01c99f4767d19065cbd50ccae650ef3f4ee03c8327a1a33db868

    • SHA512

      d853cba946433d854474dfe672fb3b4196a84d7fded368bb2c4f2d3fc52de6fc86a90c80bc184c987bb4e2f730244eaef42f64d02400fe34b020b15c3093db3d

    • SSDEEP

      6144:/Ya6vhkS/3xIK2bNE1+pPss8vNm9LDLaAn8LM9uAsLy:/YFhN6K2m1+px8Y9LDL/Cxy

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence check.

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks