Overview

overview

7

Static

static

3

3bd189fa98...5e.exe

windows7-x64

7

3bd189fa98...5e.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    3bd189fa981a2c4c493a6689a0c4405e

  • Size

    424KB

  • Sample

    240101-efqaxabahm

  • MD5

    3bd189fa981a2c4c493a6689a0c4405e

  • SHA1

    f1d5a5c54c241c8b899fdaee9199221faf8d55db

  • SHA256

    700762ce4332608df6077f688e52a6f173b44f27d55b8ad9b94373f58b604f8b

  • SHA512

    4fd48d1d09238c6a81958b2999d3774a8927458c3174bb1526577636120d93626f4aeef7c615105e57359d72ad718b4fc0fd96f6b0c0b6b4316ffb631813d1fd

  • SSDEEP

    12288:XTpKfPdYo/zz/3ZHSCMvsl2mnlnOVRPMRG:alJ/xSCM0HZlRG

Score
7/10
evasion

Malware Config

Targets

    • Target

      3bd189fa981a2c4c493a6689a0c4405e

    • Size

      424KB

    • MD5

      3bd189fa981a2c4c493a6689a0c4405e

    • SHA1

      f1d5a5c54c241c8b899fdaee9199221faf8d55db

    • SHA256

      700762ce4332608df6077f688e52a6f173b44f27d55b8ad9b94373f58b604f8b

    • SHA512

      4fd48d1d09238c6a81958b2999d3774a8927458c3174bb1526577636120d93626f4aeef7c615105e57359d72ad718b4fc0fd96f6b0c0b6b4316ffb631813d1fd

    • SSDEEP

      12288:XTpKfPdYo/zz/3ZHSCMvsl2mnlnOVRPMRG:alJ/xSCM0HZlRG

    Score
    7/10
    evasion

    • Executes dropped EXE

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks