General

  • Target

    e5289cd212aa4e108819d82a042238c6fe30a91b3a200078cd48cea5e61194b9

  • Size

    2.3MB

  • Sample

    230930-2a17jsfg5s

  • MD5

    f10ca1d3522e43228ff239f585615210

  • SHA1

    b67a99c58390d85217ef511e439ced3a88f4cdde

  • SHA256

    e5289cd212aa4e108819d82a042238c6fe30a91b3a200078cd48cea5e61194b9

  • SHA512

    1b6ce208c4c7a44cf408474f47f21ad7be551607ac23020e4d969991a820373c8d86b1bf37e6ff7ad22a036edcef997648363f24d6997bb29ba34176d88da84f

  • SSDEEP

    49152:zAQJOAv+fWLsbe/lG4U2lKeLZrMh7NteW07q4bDg:EQMKUqsbSlG4U2fLZruba+4bDg

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger
