General

  • Target

    50f23541d4dbf1abe9a4f08aa44409fb

  • Size

    3.4MB

  • Sample

    240110-sz9qjsaahl

  • MD5

    50f23541d4dbf1abe9a4f08aa44409fb

  • SHA1

    73fc4cf521af56fc63c6fea9f02d5fae2a930bc8

  • SHA256

    cd00a7e67d47f05e6bc2fe83217d1672685e75bc06d639698a01710899205919

  • SHA512

    c877108c344aefe695938b787f87e1d464a76e96b4358145dfb5bc522a7024dd56ebc7d9a9a5a1f8519f1a3753fd6b4492fcfbe40dbf7e4a3dbfe09a3e2f86ea

  • SSDEEP

    49152:vRUIaXCwmcg/7tSyWD5fE4luqaNaIXPPEf2OgiBVUrRZcjIWyt0xo:JUHXCwmcg/7tSFD5fE4luqacIU3vVSw

Score
8/10

Targets

    • Target

      50f23541d4dbf1abe9a4f08aa44409fb

    Score
    8/10
    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL
