General

  • Target

    sp-music-converter.exe

  • Size

    694KB

  • Sample

    230715-s9adfabd58

  • MD5

    fbfe5db7d15decf05dbe5876fb53b50a

  • SHA1

    8551123f8c52d02df3caf529b952506a89c2b569

  • SHA256

    aa43cd0278db5cd83203a3a4e3dd2583bee2e857460498bd809eb2b6430df942

  • SHA512

    24ff8a45b11f0afbbccdf9c36e83abd09f0f305a9ad177b136083012f27c8407b767c4ac9d7d119a19ee7b67451b401237d23ee85161a3c851da932e7376474d

  • SSDEEP

    12288:gqh2rQejRK4uVADPNKT1zH3ptaR1sDfOQSvJqFZ6JIiFnWJ6ea/03d:gk2rQejMTqDu173pG1szLSvJwefFnYyK

Score
7/10

Malware Config

Targets

    • Target

      sp-music-converter.exe

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger
