General

  • Target

    sample

  • Size

    344KB

  • Sample

    230715-zgx3csbg73

  • MD5

    9edc1014118cec9803df15e66df1ce8e

  • SHA1

    98d4ebf26aadfbc2ee23d943176246ec6f164b57

  • SHA256

    835ea773257ee7488e1214ecc23a3efc4b4c43fd6992edf10072ff5636ee1b21

  • SHA512

    fa48aefbf5b4a7a401c29a677035fca785b7208e1f6476ec4222641516f6d9c2852142e60e3f42d4dd68cd7a5929671486be44b79e7883d79bc77917470aea65

  • SSDEEP

    3072:gQjtCB9tfwa7+lepje60I4VsOGRv52MjVXej95:dt+9tfwYpje60I4V/GRv52MjVXej95

Score
8/10

Targets

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
