General

  • Target

    ef1b9135e8a243a505f5d3028d71a922

  • Size

    11.3MB

  • Sample

    231222-txn7haaad4

  • MD5

    ef1b9135e8a243a505f5d3028d71a922

  • SHA1

    c947a5c43b86c448ab98729a8059b53cfca83b3b

  • SHA256

    935f60791863769c64b601ffd195d74ebfb84894fba303b3847d11b762ff8cf5

  • SHA512

    5b791ca1477633e2c73f457d854bda964e478546c22aa8e527b737c0d47c1be282db7c3d1d03e3590e5603488d419a01c127afc62b296771d9ed2bb44a1b16c2

  • SSDEEP

    196608:SbPk5HyC8k5h/wDdEoNiV4I/WWwA7mFMgWbPk5HyC8k5h/wDdEoNiV4I/WWwA7mK:SbPk5HPhJCFMgWbPk5HPhJCFMgsbPk56

Score
8/10

Malware Config

Targets

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Drops file in System32 directory
