General

  • Target

    1468c490e1d7a668879e31388ac0206e79959d15663d3b4ea92e125c408b89bc

  • Size

    399KB

  • Sample

    231012-vk8k2sch5t

  • MD5

    c1cd2254f8cadebc5c2a6cd57bc768b0

  • SHA1

    1b86f641c8c840e16af69978264c56d9aa391d35

  • SHA256

    1468c490e1d7a668879e31388ac0206e79959d15663d3b4ea92e125c408b89bc

  • SHA512

    a60b8243c5c6a420b1dc1ecb71b1875b05997c9409c130fd456f737a71f994063e5a2affbaedf11f762d1c7baa5c302e8f30e8b2e2d321abe9d92535fd43d0f9

  • SSDEEP

    6144:mKiYJL+K7EQ5vrt5AVfL8haEK4sDzLPFZcEOkCybEaQRXr9HNdvOa:6qEU0Vf4ha0sDzDOkx2LIa

Score
8/10

Malware Config

Targets

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check to avoid running in certain countries.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Traffic on the DNS port was detected to servers other than the DNS resolvers configured on the sandbox host.

    • Drops file in System32 directory
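
The "Unexpected DNS network traffic destination" signature above is the kind of check an analyst can reproduce from a connection log. The following is an added example, not part of the sandbox report or its tooling: it parses constructed, Zeek conn.log-style flow records (timestamp, source, destination, destination port, protocol), takes the resolvers the host is configured to use (the resolver address and all flow lines are assumed values constructed for this example), and reports every destination that received port-53 traffic without being a configured resolver.

```python
import ipaddress
from collections import Counter
from dataclasses import dataclass

# Assumption: the resolver(s) the sandbox VM is configured to use.
# This address is constructed for the example.
CONFIGURED_RESOLVERS = {"10.127.0.1"}

# Constructed flow records (not from the real sample) in a simplified
# Zeek conn.log-like layout:  ts  src  dst  dport  proto
SAMPLE_FLOWS = """\
# ts            src         dst            dport proto
1697100001.10 10.127.0.5 10.127.0.1     53  udp
1697100001.45 10.127.0.5 8.8.8.8        53  udp
1697100002.02 10.127.0.5 203.0.113.7    53  udp
1697100002.88 10.127.0.5 203.0.113.7    443 tcp
1697100003.30 10.127.0.5 10.127.0.1     53  tcp
1697100004.00 10.127.0.5 198.51.100.20  53  tcp
1697100004.50 10.127.0.5 8.8.8.8        53  udp
"""


@dataclass(frozen=True)
class Flow:
    ts: float
    src: str
    dst: str
    dport: int
    proto: str


def parse_flows(text: str) -> list[Flow]:
    """Parse whitespace-separated flow lines; '#' lines and blanks are skipped."""
    flows = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        ts, src, dst, dport, proto = line.split()
        flows.append(Flow(float(ts), src, dst, int(dport), proto.lower()))
    return flows


def unexpected_dns_destinations(flows, resolvers, dns_port=53) -> dict[str, int]:
    """Return {destination_ip: flow_count} for every host that received traffic on
    the DNS port (UDP or TCP) but is not one of the configured resolvers.

    Only port 53 is considered; DNS-over-HTTPS/TLS on 443/853 would not be caught
    by this check and needs a separate detection.
    """
    configured = {ipaddress.ip_address(r) for r in resolvers}
    hits: Counter[str] = Counter()
    for f in flows:
        if f.dport != dns_port:
            continue
        if ipaddress.ip_address(f.dst) not in configured:
            hits[f.dst] += 1
    return dict(hits)


def main() -> None:
    flows = parse_flows(SAMPLE_FLOWS)
    for dst, n in sorted(unexpected_dns_destinations(flows, CONFIGURED_RESOLVERS).items()):
        print(f"unexpected DNS destination {dst}: {n} flow(s)")


if __name__ == "__main__":
    main()
```

Note that a well-known public resolver such as 8.8.8.8 is still flagged: in a sandbox, any resolver other than the configured one is worth a look, because malware that hard-codes its own resolver bypasses the sandbox's DNS logging and sinkholing. In a production network you would typically allow-list the resolvers your policy permits before alerting on the remainder.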

MITRE ATT&CK Enterprise v15

Tasks