General

  • Target

    Invoice.exe

  • Size

    272KB

  • Sample

    230720-l18rbafc65

  • MD5

    4b13c07a48e57799e54f6e38e34ff6be

  • SHA1

    6a0290c82cb922e60e949b7f52e9c9fe031433f1

  • SHA256

    94509d1a6070cfbaeeee0e3de30bf14dce5f4b28bfeef4ab3cf9bedbd0a07dd1

  • SHA512

    59fa40ea070de7421643c51e5c8a140ef5cd2296568fad594f230940f940a813e368e68fa22bc738fe453afa8d1587c00967c8880ae42cd07ad8fbf3279e2514

  • SSDEEP

    6144:/Ya6xeXPYBCWD04uosQ3v4nDR/dxo0u4pSDZJhFlrUdGv:/YbefYQ6eBQfMR/no4m/HKd4

Score
7/10

Malware Config

Targets

    • Target

      Invoice.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks