General

  • Target

    7e68b17d4fa5b2e59f1b6309a6581519.exe

  • Size

    44KB

  • Sample

    240102-s22gysggfl

  • MD5

    7e68b17d4fa5b2e59f1b6309a6581519

  • SHA1

    5d66be6c523ef8eda99d09b0989c8d31732debb9

  • SHA256

    c2573e2c825fcf6c63ccf3db067dce07000c4fdfa507f93365701377b755ad9c

  • SHA512

    d2a125aacc5476fb80bc4c0d189aec5ccadc30c61a39b2a7082c0f786a2de932efd8dc11f394433037043e48c147111e11d5b2f7862c4aeac14217cb0a724a4d

  • SSDEEP

    384:GjiXAA8k9OgEZ6Q/SD/Vc28bkBp1NlEcFh19hJlS5J0f6VA72Y9FSPlHBPXxtpJZ:V9OggI/VEYNlnUXxth

Score
10/10

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

http://adminlzcheng.6600.org/img/tc.htm?34",0)(window.close)

Extracted

Language
hta
Source
URLs
hta.dropper

http://www.27dh.com/?34tc",0)(window.close)

Targets

    • Target

      7e68b17d4fa5b2e59f1b6309a6581519.exe

    Score
    10/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory
