General

  • Target

    Andreu1K_SPOOFER.exe

  • Size

    29KB

  • Sample

    231007-dnjyesbc25

  • MD5

    bc2eedb59169024a83a7e9f421c17dfe

  • SHA1

    749c827de22e5cef574112cd922bb773206b30bd

  • SHA256

    376c9370272a7da7751aafbe96b034cfa96a6214ca3b306eb5cfbac17ff636e5

  • SHA512

    901b6e9a01e17dcf73aa05a2f4642b0ec1a052111ad48e9e7b026b9cd6cf41f741a764f3676a07dad5292f577930ff860b18bf429e8a13552dbe0d4f0d6bec6b

  • SSDEEP

    384:ePv1AlhXKCjkLX7sOo4Nihez9bPL7dXbEKjpqpot/VjF0O82jkEZsTOzc7mncySW:3lICGF5J0LQN0OcfHx7B

Score
8/10

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2
