General

  • Target

    Document.exe

  • Size

    848KB

  • Sample

    231107-xn7h9sdf5v

  • MD5

    f5cc9b22aedf6e67f54e4aba591de188

  • SHA1

    85edbdcc33b7ab94125a1648155b28836f68143b

  • SHA256

    93e67c89acf315406deaec6ad48437458dcc4a26a00d528777fad25ff4e431fc

  • SHA512

    a061e197bd3deb531c36b14fcc2ae0f9849f34f37917605bd732a5abb5e95b306ed432e4022065a1b888953c42fd19363e010bd24591f925af2a5f3124473f0d

  • SSDEEP

    12288:XVpB8+zE79+9RWVagCqKAmGiJzpWBCFPSb0pWmYLqwTCH5guOL:IMWVagCY6zpA8P00pQhCH

Score
7/10

Targets

    • Target

      Document.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
