General

  • Target

    28e693b783eeb26da5394c99e18697ec

  • Size

    7.9MB

  • Sample

    231219-p266nafgak

  • MD5

    28e693b783eeb26da5394c99e18697ec

  • SHA1

    d83ff1e8b42474189ffae60e0a67ff121b48401c

  • SHA256

    91c46b6f80e00962af3260629ff8950c6c0dd463bd93f6c0b0adb3c08e0be5af

  • SHA512

    f1ec13176f36ab53e5062b3b09481d0213e6c396539c7ce3a58d092a42f8310abd8e3106db00023ec7915a64107ee3e5f219748d1e285373a2b35837a32dcbd5

  • SSDEEP

    196608:8eazg7DSmeazg7DSmeazg7DSmeazg7DSN:cg7uOg7uOg7uOg7uN

Score
7/10

Targets

    • Target

      28e693b783eeb26da5394c99e18697ec

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
