General

  • Target

    41751beac063405f446af17d4d24bb0b7ea42b2600412a58ae7c9b6e1d27a85a

  • Size

    11.2MB

  • Sample

    231029-tyhq4sac34

  • MD5

    d9e7a03b56955e90703ec4806e678feb

  • SHA1

    5c4563d0ac7ba88a3aec01f770a810f7b12ebea3

  • SHA256

    41751beac063405f446af17d4d24bb0b7ea42b2600412a58ae7c9b6e1d27a85a

  • SHA512

    ef2594bad556a4dee27e71657eb3499205ba95cc65d325940b2a1c5b0f4516e59144851f9b26690fb5eca74c6795f39dc2cd0bcee1f3a97dd5572ca4e369e326

  • SSDEEP

    196608:zNym2iBYGfsV34e3dsh8V6WyFSMD+cpvJ/4H3nmghWoa/fsysMF4JD85lCkjiY:zN4H3feSMFgXnU7sElCy

Score
9/10

Malware Config

Targets

    • Target

      41751beac063405f446af17d4d24bb0b7ea42b2600412a58ae7c9b6e1d27a85a

    • Looks for VirtualBox Guest Additions in registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks