General

  • Target

    6fc9bc0a6a50b8e22e9d2c34191b7da3

  • Size

    2.4MB

  • Sample

    231226-p2xxzsefh3

  • MD5

    6fc9bc0a6a50b8e22e9d2c34191b7da3

  • SHA1

    e0d2bb149c6e9401aedac40e49868af0583a6575

  • SHA256

    6db87f5623cbaa875f0f0b27cf9d7292fad5de232cb0879a24260621f9ff84e2

  • SHA512

    5b539bd062ae544cbbfb8571e60f932408176bf08f7a8a3122bc40cd29022a9fe11b1cf4251d201ad14ff2e10950dffdca002fb6826f714c5a4745c6f6c5904b

  • SSDEEP

    49152:tiayMILjrfasY6DwOBfrnvV7UeWtx+avAquvRgFVlHpad:tiJMILhYiwOBpIeWb+uAqoWpw

Score
7/10

Malware Config

Targets

    • Target

      6fc9bc0a6a50b8e22e9d2c34191b7da3

    • Size

      2.4MB

    • MD5

      6fc9bc0a6a50b8e22e9d2c34191b7da3

    • SHA1

      e0d2bb149c6e9401aedac40e49868af0583a6575

    • SHA256

      6db87f5623cbaa875f0f0b27cf9d7292fad5de232cb0879a24260621f9ff84e2

    • SHA512

      5b539bd062ae544cbbfb8571e60f932408176bf08f7a8a3122bc40cd29022a9fe11b1cf4251d201ad14ff2e10950dffdca002fb6826f714c5a4745c6f6c5904b

    • SSDEEP

      49152:tiayMILjrfasY6DwOBfrnvV7UeWtx+avAquvRgFVlHpad:tiJMILhYiwOBpIeWb+uAqoWpw

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks