General

  • Target:  44b5d48e029fa4eb6ee2723701945a13
  • Size:    90KB
  • Sample:  231225-3zyy6accc2
  • MD5:     44b5d48e029fa4eb6ee2723701945a13
  • SHA1:    dbc3e60e7ac994f02c78bbdd601057e0c524c9ad
  • SHA256:  9215dc50d072419d5aa2f77cfa83ed6356506362f53dfed46ce859a6870d7420
  • SHA512:  abffacb5bcf211ae93410d2175c7f37875dc0654a6fb5f978cbabafbe5c99bef55060e3331b134055c2ec75f25924cf8a2609c6480eab65d2d0f2333ce741e77
  • SSDEEP:  1536:wvg1WKQmK74VzprUxe7kvLSPkIJNE9sq0Qs07t1xyv1DPDGd1vrvcA1+0+cMszp4:wvgEL7Yo4PkH9sIbHsdDPDsjngE3kPhR

Score: 8/10

Malware Config

Targets

    • Target:  download.exe
    • Size:    180KB
    • MD5:     aa60fcefbae790397407fac5fd30d6f7
    • SHA1:    b016528bed7726c92498c9d91d63fd800d60e016
    • SHA256:  67873407a7836c7359b6e691bd3e719d68a5d778ff6603b98cb0a7a80a186266
    • SHA512:  74ab1596aac43df14561fead295efb26f63dab90d5dd7175ebca222b90617bdfa1bebaf44ea7e515467e30d8959d11e295407d7b8364a9b5f25f20d4aa538f89
    • SSDEEP:  3072:SBAp5XhKpN4eOyVTGfhEClj8jTk+0hj9nPsyVGzRXh:hbXE9OiTGfhEClq9cnUyVGL

    Score: 8/10

    • Blocklisted process makes network request
    • Drops file in Drivers directory
    • Checks computer location settings: looks up the country code configured in the registry, likely a geofence check.
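The three signatures listed above are behavioural: they fire on what the sample does at runtime, not on its hashes, so the same logic can be re-run over any sandbox API trace. The script below is an added example, not part of this report or of the sandbox's own signature engine. It expresses each of the three checks over a list of API events. The event records, the process blocklist and the behaviour they attribute to `download.exe` are constructed for the example and are not taken from the report; the registry value `HKEY_CURRENT_USER\Control Panel\International\Geo\Nation` is the standard Windows location of the user's configured country (GeoID), which is what a geofence check reads.

```python
"""Toy re-implementation of three sandbox behaviour signatures over API events.

Added example. The events and the process blocklist below are constructed for
illustration; they are not data from the sandbox report.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Constructed sandbox API events: (pid, process image, API name, target).
# Illustrative records only; not events observed in the report above.
SAMPLE_EVENTS = [
    ("1888", "download.exe", "RegQueryValueExW",
     r"HKEY_CURRENT_USER\Control Panel\International\Geo\Nation"),
    ("1888", "download.exe", "NtCreateFile",
     r"C:\Windows\System32\drivers\example.sys"),
    ("1888", "download.exe", "CreateProcessW", r"C:\Windows\System32\mshta.exe"),
    ("2044", "mshta.exe", "InternetOpenUrlW", "http://example.invalid/stage2"),
    ("3100", "explorer.exe", "InternetOpenUrlW", "http://example.invalid/update"),
    ("3100", "explorer.exe", "RegQueryValueExW",
     r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName"),
]

# Signature names exactly as the report prints them.
SIG_GEOFENCE = "Checks computer location settings"
SIG_DRIVERS = "Drops file in Drivers directory"
SIG_BLOCKLIST_NET = "Blocklisted process makes network request"

# Hypothetical blocklist of process images that should not originate network
# traffic during detonation. The sandbox's real blocklist is not on the page.
NETWORK_BLOCKLIST = {"mshta.exe", "regsvr32.exe", "rundll32.exe", "wscript.exe"}
NETWORK_APIS = {"InternetOpenUrlW", "WinHttpOpenRequest", "WSAConnect", "connect"}
FILE_CREATE_APIS = {"NtCreateFile", "CreateFileW", "CopyFileW", "MoveFileExW"}
REGISTRY_READ_APIS = {"RegQueryValueExW", "RegQueryValueExA", "NtQueryValueKey"}

# GeoID of the current user: HKCU\Control Panel\International\Geo\Nation (or \Name).
GEO_KEY_RE = re.compile(r"\\Control Panel\\International\\Geo\\(Nation|Name)$",
                        re.IGNORECASE)
# Kernel driver directory under the system root.
DRIVERS_DIR_RE = re.compile(r"^[a-z]:\\windows\\system32\\drivers\\", re.IGNORECASE)


@dataclass(frozen=True)
class Hit:
    signature: str
    pid: str
    process: str
    detail: str


def run_signatures(events) -> list[Hit]:
    """Evaluate the three behaviour signatures over (pid, proc, api, target) events."""
    hits: list[Hit] = []
    for pid, proc, api, target in events:
        if api in REGISTRY_READ_APIS and GEO_KEY_RE.search(target):
            hits.append(Hit(SIG_GEOFENCE, pid, proc, target))
        elif api in FILE_CREATE_APIS and DRIVERS_DIR_RE.match(target):
            # A production rule would also check the desired access / create
            # disposition so that a read of drivers\etc\hosts is not reported
            # as a drop; this toy treats any create in the directory as a drop.
            hits.append(Hit(SIG_DRIVERS, pid, proc, target))
        elif api in NETWORK_APIS and proc.lower() in NETWORK_BLOCKLIST:
            hits.append(Hit(SIG_BLOCKLIST_NET, pid, proc, target))
    return hits


def triggered(events) -> list[str]:
    """Sorted, de-duplicated signature names that fired on the event stream."""
    return sorted({h.signature for h in run_signatures(events)})


if __name__ == "__main__":
    for hit in run_signatures(SAMPLE_EVENTS):
        print(f"[{hit.signature}] pid={hit.pid} {hit.process}: {hit.detail}")
```

The explorer.exe events are there as a control: a network request from a process that is not on the blocklist, and a registry read outside the Geo key, produce no hit. Whether a single read of the GeoID is enough to call something a geofence is a judgement the sandbox makes from context (the report says "likely"); the rule here only records that the lookup happened.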

MITRE ATT&CK Enterprise v15

Tasks