General

  • Target

    00ff6c540843ca1d32cabe7a3bc63068

  • Size

    500KB

  • Sample

    231225-dbllgsefb9

  • MD5

    00ff6c540843ca1d32cabe7a3bc63068

  • SHA1

    3d758c82f233954b8e43ed61fdce8b1b34c4d56d

  • SHA256

    1468dfd25571398c40feacfa4ca3745e57002bce8fe31342b73ede6b7175c612

  • SHA512

    6a58a3d018123433b349dad4676a94241c9988f14935aec521e0683c0726e36c5f29713cc5a185383effba3660e380b117ae50492a2c6c0b681e7cc8d16da3f3

  • SSDEEP

    6144:ABvV8KdpmmIGXsDSRkV0z6IMc9SPoajdz51IR7qb20WFP/XauRWnCSeL1o5VY9v9:ABtZTwBDSF39zRm6KuKCSC1Xv9

Score
9/10

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
