Resubmissions

14/11/2023, 13:20

231114-qk6z1ace8y 7

14/11/2023, 13:15

231114-qhq6rsbd34 7

General

  • Target

    1.exe

  • Size

    668KB

  • Sample

    231114-qk6z1ace8y

  • MD5

    1eda484bf740bdf87173a46271d8dd1a

  • SHA1

    813dcaf2c989519707b140a7382b5e5c633c392f

  • SHA256

    3b79e392617523720c040a2e0b39f0ff47593a420ecc9edcb9cd8b9e1d7baca6

  • SHA512

    8f6585a57e4ef6dc330ff95232357973a1586ef632eff0a4af0e77d55e0c9deab40f2082dd4b760a20bbbb1ea4230e0fd5a970c9060bef277f479b88f9df52cc

  • SSDEEP

    12288:Ki8qEisUH/9r7ECv6pfryKLnURZIRqWcev1UXF4UgiA8LX5ckq:eqEWlr78pzyrZIAVZ3Kk

Score
7/10

Malware Config

Targets

    • Target

      1.exe

    • Size

      668KB

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

    • Blocklisted process makes network request

    • Suspicious use of SetThreadContext
