General

  • Target

    29dc4fd35d1d55c0e79ea1abe3328187

  • Size

    69KB

  • Sample

    231225-s21knabab7

  • MD5

    29dc4fd35d1d55c0e79ea1abe3328187

  • SHA1

    ed4e323e77fa51901a31260d87beb1738c75abd4

  • SHA256

    73e32991b8459221f89209f766e820ef7116c88ddd467185239aed2d0439dde1

  • SHA512

    b939205bd67e83e2e1ab1e9a6014d4ca120df963e519e124f81b34f99d37e9df854885e3d6e7485c9eaf5b249ea5d5bda40971965c1106e69e03909558bc1392

  • SSDEEP

    1536:u994/wdcSe8JSr3HkutYln/AEdSTQgK8J8sYWSwQqW3u1:u9e4WSe8JSbmn/NITR2wy3u1

Score
8/10

Targets

    Score
    8/10
    • Modifies Installed Components in the registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
