General

  • Target: 1c8a7390897be3ffe2903728e6433ceb
  • Size: 394KB
  • Sample: 231230-zz2hhahedj
  • MD5: 1c8a7390897be3ffe2903728e6433ceb
  • SHA1: a835de06ea0a43170aedb52904921983acbf1839
  • SHA256: aaf5a4cef4f2d2c013ae6950cb5d795dd885b90f9be521102c51edd035b581bc
  • SHA512: 6d140686842437fad21a5ef1b2685de28241769689ab5745eb527a1b6554edef530fc86c5cfccd0c970f122d98d83f574a5080f3ec3042bf1787274da36683f4
  • SSDEEP: 3072:MEsmBEsmBEsmBEsmBEsmBEsmBEsmBEsmBEsm4lQ23MxHSSP1w0VI51yHLHlBhyBJ:MZYZYZYZYZYZYZYZYZfeP1ZVI51yZAv

Score
8/10

Malware Config

Targets

    • Drops file in Drivers directory
    • Manipulates Digital Signatures: Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.
    • Checks computer location settings: Looks up the country code configured in the registry, likely a geofence.
    • Executes dropped EXE
    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks