General

  • Target

    111eb90aaea0909afa4964c77322b8a0

  • Size

    125KB

  • Sample

    231219-naqtxsabhl

  • MD5

    111eb90aaea0909afa4964c77322b8a0

  • SHA1

    c12cb37bd63ca1a45088680be09e1065b493bb88

  • SHA256

    11b7cee76f64313400b1143867f45d6717a28c51d01797847f69115238773b5f

  • SHA512

    6c2a801dccb9f060ca15d10d93d84a287e37046bd6758f75d6065ba8f75c84a7c48557c733fb2c8fd779c3919d6fb0053690a9763a928f63d8b02d6e3a83caeb

  • SSDEEP

    768:MXUs1ZmxDMmCuXUs1ZmxDMmC4/EXHJMYJTGHoJHRQ4p/TrpZim964Kg4kDGh1h3:MEsyxfXEsyxfX83PoSQm5fRyB

Score
8/10

Malware Config

Targets

    • Target

      111eb90aaea0909afa4964c77322b8a0

    • Size

      125KB

    • MD5

      111eb90aaea0909afa4964c77322b8a0

    • SHA1

      c12cb37bd63ca1a45088680be09e1065b493bb88

    • SHA256

      11b7cee76f64313400b1143867f45d6717a28c51d01797847f69115238773b5f

    • SHA512

      6c2a801dccb9f060ca15d10d93d84a287e37046bd6758f75d6065ba8f75c84a7c48557c733fb2c8fd779c3919d6fb0053690a9763a928f63d8b02d6e3a83caeb

    • SSDEEP

      768:MXUs1ZmxDMmCuXUs1ZmxDMmC4/EXHJMYJTGHoJHRQ4p/TrpZim964Kg4kDGh1h3:MEsyxfXEsyxfX83PoSQm5fRyB

    Score
    8/10
    • Drops file in Drivers directory

      Writes a file under %SystemRoot%\System32\drivers, the directory where kernel-mode drivers are installed; a user-mode sample needs administrative privileges to write there.

    • Manipulates Digital Signatures

      Attackers can make an unsigned or tampered binary appear validly signed by redirecting the DLL exports that Windows calls when it verifies a signature (the subject interface package and trust-provider registrations kept in the registry), so that the verification routine is answered by attacker-controlled code.

    • Checks computer location settings

      Reads the country/region code configured in the registry (under HKCU\Control Panel\International, for example the Geo\Nation value); this is commonly used to geofence execution so the payload does not run in particular countries.

    • Executes dropped EXE

      Launches an executable that the sample itself wrote to disk.

    • Drops file in System32 directory

      Writes a file under %SystemRoot%\System32.
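
The five signatures above are behavioural rules, so they can be reproduced over a process trace. The following is an added example, not code from the sandbox or from the sample: a minimal matcher that evaluates the same five signatures over a constructed, simplified trace (file writes, registry sets and queries, process creations). The trace entries, paths and the helper image name are assumptions made for illustration and do not come from the report.

```python
"""Minimal behavioural signature matcher (added example, not sandbox code).

Events are simplified dicts with an "op" key. Registry reads are included
because the geofence check is a read; a Sysmon-only feed would not show it.
"""
import re
from typing import Dict, Iterable, List, Set

# Constructed trace for illustration only; none of these paths or values
# are taken from the sandbox report.
SAMPLE_TRACE = [
    {"op": "file_write", "pid": 100, "image": "C:\\Users\\u\\sample.exe",
     "path": "C:\\Windows\\System32\\drivers\\example.sys"},
    {"op": "file_write", "pid": 100, "image": "C:\\Users\\u\\sample.exe",
     "path": "C:\\Windows\\System32\\example_helper.exe"},
    {"op": "reg_query", "pid": 100, "image": "C:\\Users\\u\\sample.exe",
     "key": "HKCU\\Control Panel\\International\\Geo", "value": "Nation"},
    {"op": "reg_set", "pid": 100, "image": "C:\\Users\\u\\sample.exe",
     "key": "HKLM\\SOFTWARE\\Microsoft\\Cryptography\\OID\\EncodingType 0\\"
            "CryptSIPDllVerifyIndirectData\\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}",
     "value": "Dll"},
    {"op": "proc_create", "pid": 101, "parent_pid": 100,
     "image": "C:\\Windows\\System32\\example_helper.exe"},
]

# Path patterns; the drive letter is not fixed so D:\Windows installs match too.
DRIVERS_DIR = re.compile(r"^[a-z]:\\windows\\system32\\drivers\\", re.I)
SYSTEM32_DIR = re.compile(r"^[a-z]:\\windows\\system32\\", re.I)
# SIP / trust-provider registrations consulted during signature verification.
SIP_KEY = re.compile(
    r"\\Cryptography\\(OID\\EncodingType \d+\\CryptSIPDll|Providers\\Trust\\)", re.I)
# Registry location of the configured country/region (GeoID).
GEO_KEY = re.compile(r"\\Control Panel\\International\\Geo$", re.I)


def _norm(path: str) -> str:
    """Normalise a Windows path for case-insensitive comparison."""
    return path.replace("/", "\\").lower()


def match_signatures(trace: Iterable[Dict]) -> Dict[str, List[Dict]]:
    """Return {signature name: [matching events]} for a trace.

    'Executes dropped EXE' requires that the launched image was written by an
    earlier file_write event in the same trace, so order matters.
    """
    hits: Dict[str, List[Dict]] = {}
    dropped: Set[str] = set()

    def hit(name: str, ev: Dict) -> None:
        hits.setdefault(name, []).append(ev)

    for ev in trace:
        op = ev.get("op")
        if op == "file_write":
            path = ev["path"]
            dropped.add(_norm(path))
            if DRIVERS_DIR.match(path):
                hit("Drops file in Drivers directory", ev)
            if SYSTEM32_DIR.match(path):
                # The drivers directory sits under System32, so both fire.
                hit("Drops file in System32 directory", ev)
        elif op == "proc_create":
            if _norm(ev["image"]) in dropped:
                hit("Executes dropped EXE", ev)
        elif op == "reg_set":
            if SIP_KEY.search(ev["key"]):
                hit("Manipulates Digital Signatures", ev)
        elif op == "reg_query":
            if GEO_KEY.search(ev["key"]) and ev.get("value", "").lower() == "nation":
                hit("Checks computer location settings", ev)
    return hits


if __name__ == "__main__":
    for name, events in match_signatures(SAMPLE_TRACE).items():
        print(f"{name}: {len(events)} event(s)")
```

The matcher only reports events it can attribute to a dropped file or a specific registry key, so a process launched from a path that was never written in the trace does not count as "Executes dropped EXE"; that mirrors why sandbox signatures are evaluated over the full trace rather than per event.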

MITRE ATT&CK Enterprise v15

Tasks