General

  • Target

    8b8b9db9d8daedb335f15ffd093b51041630f9f551ef9a6a8a149415087cb377

  • Size

    2.5MB

  • Sample

    231011-frkp8sdd23

  • MD5

    97d92f76e8cbe66a6f4a202cd7798ae5

  • SHA1

    bac776090d16c197a94f50f6f69852c17b86e46d

  • SHA256

    8b8b9db9d8daedb335f15ffd093b51041630f9f551ef9a6a8a149415087cb377

  • SHA512

    f0c1faa6341c8b4c0a37358d18f0ce582e36c9cbe181ae31a6632696437931e38c666d651cd1d7aec082089ce0a3575213d1fb51c723a50912b121ede5368a94

  • SSDEEP

    24576:KXqtba4lOOWuk04i7jjU6k7QeLqB4dTbCOdIxZM:KXRDirU6k7KB4dToZM

Score
8/10

Malware Config

Targets

    • Target

      8b8b9db9d8daedb335f15ffd093b51041630f9f551ef9a6a8a149415087cb377

    • Size

      2.5MB

    • MD5

      97d92f76e8cbe66a6f4a202cd7798ae5

    • SHA1

      bac776090d16c197a94f50f6f69852c17b86e46d

    • SHA256

      8b8b9db9d8daedb335f15ffd093b51041630f9f551ef9a6a8a149415087cb377

    • SHA512

      f0c1faa6341c8b4c0a37358d18f0ce582e36c9cbe181ae31a6632696437931e38c666d651cd1d7aec082089ce0a3575213d1fb51c723a50912b121ede5368a94

    • SSDEEP

      24576:KXqtba4lOOWuk04i7jjU6k7QeLqB4dTbCOdIxZM:KXRDirU6k7KB4dToZM

    Score
    8/10
    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence check so the payload only runs (or refuses to run) in certain regions.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
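
The five signatures above are behavioural, so they are worth reproducing as plain rules when you triage a sample outside the sandbox. The following is an added example, not the sandbox's own rule set or code from this report: it defines a small, constructed event stream (the event schema, paths, host name and the stand-in PE bytes are all assumptions made for illustration) and evaluates each of the listed behaviours against it. The registry values it watches are the standard Windows locale/GEO keys; the "legitimate hosting" list is a hypothetical allowlist a practitioner would maintain themselves.

```python
"""Re-implement the report's behavioural signatures as rules over a
constructed sandbox event stream. Added example; the event schema is an
assumption, not the sandbox's real format."""

# Registry values Windows uses to store the configured country/locale.
# Reads of these from a freshly dropped binary are the geofence tell.
GEO_REG_KEYS = {
    r"hkcu\control panel\international\geo\nation",
    r"hkcu\control panel\international\geo\name",
    r"hkcu\control panel\international\localename",
    r"hklm\system\currentcontrolset\control\nls\language\default",
}

# Hypothetical allowlist of legitimate file-hosting domains that malware
# commonly abuses for staging; maintain your own in practice.
LEGIT_HOSTING = {"cdn.discordapp.com", "raw.githubusercontent.com", "pastebin.com"}


def is_pe(data: bytes) -> bool:
    """True if data starts with an MZ DOS header whose e_lfanew points at a
    PE\\0\\0 signature, i.e. the 'MZ/PE file' test the report applies."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = int.from_bytes(data[0x3C:0x40], "little")
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"


def fake_pe() -> bytes:
    """Constructed minimal MZ/PE stub (not a real executable) for the sample events."""
    hdr = bytearray(b"MZ" + b"\0" * 0x3E)           # 0x40-byte DOS header
    hdr[0x3C:0x40] = (0x40).to_bytes(4, "little")    # e_lfanew -> right after header
    return bytes(hdr) + b"PE\0\0" + b"\0" * 20


def evaluate(events):
    """Walk the event stream once and return the set of signature names fired.
    Event dicts carry a 'type' plus the fields each branch reads."""
    hits = set()
    dropped_is_pe = {}  # lower-cased path of every file the sample wrote -> is it PE?
    for ev in events:
        kind = ev["type"]
        if kind == "http_request" and ev["host"].lower() in LEGIT_HOSTING:
            hits.add("Legitimate hosting services abused for malware hosting/C2")
        elif kind == "registry_read" and ev["key"].lower() in GEO_REG_KEYS:
            hits.add("Checks computer location settings")
        elif kind == "file_write":
            pe = is_pe(ev["content"])
            dropped_is_pe[ev["path"].lower()] = pe
            if pe and ev.get("source") == "network":
                hits.add("Downloads MZ/PE file")
        elif kind == "process_create" and dropped_is_pe.get(ev["image"].lower()):
            hits.add("Executes dropped EXE")
        elif kind == "image_load":
            mod = ev["module"].lower()
            if mod.endswith(".dll") and dropped_is_pe.get(mod):
                hits.add("Loads dropped DLL")
    return hits


# Constructed events mirroring the report's chain: fetch from a legitimate
# host, geofence lookup, drop EXE + DLL, run the EXE, load the DLL.
TMP = r"C:\Users\user\AppData\Local\Temp"
SAMPLE_EVENTS = [
    {"type": "http_request", "host": "cdn.discordapp.com"},
    {"type": "registry_read", "key": r"HKCU\Control Panel\International\Geo\Nation"},
    {"type": "file_write", "path": TMP + r"\stage2.exe", "content": fake_pe(), "source": "network"},
    {"type": "file_write", "path": TMP + r"\helper.dll", "content": fake_pe(), "source": "network"},
    {"type": "file_write", "path": TMP + r"\notes.txt", "content": b"not a PE", "source": "network"},
    {"type": "process_create", "image": TMP + r"\stage2.exe"},
    {"type": "image_load", "module": TMP + r"\helper.dll"},
]

if __name__ == "__main__":
    for name in sorted(evaluate(SAMPLE_EVENTS)):
        print("HIT:", name)
```

The ordering matters: "Executes dropped EXE" and "Loads dropped DLL" only fire for paths the sample itself wrote earlier in the stream, which is what separates a dropper chain from a process that merely runs something already on disk. The text file written from the network is deliberately ignored by the PE check, so a non-PE download does not count as "Downloads MZ/PE file".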

MITRE ATT&CK Enterprise v15

Tasks