General

  • Target

    c85470607f3724fb18c01720464257e6411445e74a7436cf1dec6e49e199ba25

  • Size

    3.5MB

  • Sample

    231012-necsvshc56

  • MD5

    3bf16478b0776bb2f1234161fd80b9fd

  • SHA1

    85b746f13836bdbc9e73dc3ceddf6fcb4777f337

  • SHA256

    c85470607f3724fb18c01720464257e6411445e74a7436cf1dec6e49e199ba25

  • SHA512

    085c147f33f61697ab20b0c86c847743d59b273de1f1b4de86453b3738e061847e5dcfc5722157cb01f79aa213557de5c5973c8a716d5f1e8de3ee28fcdc6f75

  • SSDEEP

    98304:LQGme7it86OE8U0HBsRLMi70IE7reACLn:9me2t8hE81HBsRLMc0z7G

Score
7/10

Targets

    • Target

      c85470607f3724fb18c01720464257e6411445e74a7436cf1dec6e49e199ba25

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
