General

  • Target

    1ce4934658b4ad2cd21dff27ff8e70f0

  • Size

    29KB

  • Sample

    231230-z9b1ladhc3

  • MD5

    1ce4934658b4ad2cd21dff27ff8e70f0

  • SHA1

    9896ce649a98702711a24331918a2fbcb69dda0b

  • SHA256

    3031bc377ed05570349cf60a3c8cc82dbb80d0573257563d6525f762294a6323

  • SHA512

    599d5c2f03a3d4e2eb445930cec2e731d2ba1e79d8521352b21e1d1ca80642bc26869a772439dacc82ebcd6b0db5bff246760ca4fe3096e938b0ea5d355db55d

  • SSDEEP

    384:nqbQim8kU2vDpkcnAeDvblbx2tkVDu9s1UFcY1K8dDdJC5guSmNTuBi+wvZjG0aR:UkU2tJjblbEkEiuDqyqTSqZ/3biWxc

Score
8/10

Targets

    Score
    8/10
    • Drops file in Drivers directory

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
