General

  • Target

    58c504bfb3b88500ffb0714bcb5123af

  • Size

    8.0MB

  • Sample

    240113-m84b8shgf6

  • MD5

    58c504bfb3b88500ffb0714bcb5123af

  • SHA1

    1b072fe6fe0cc2da775f50e66c7cc40c8a8b7426

  • SHA256

    52cd8f65112cfb10bbd8f14eb27d793888c06a2e79902084f533e26438b1c0ba

  • SHA512

    abcf7fd6d92806b4f636d4ec5de135f9743ed759afbf0ad868239786f012afab475704af82b4c712efdb5d5e6fc0fbebfae794e41cf88c814d118c064530ce91

  • SSDEEP

    196608:n5fLZRAo93I+yO1d9eP2j8OkpvJtSi1zwfkikcQm1Q:nNYaYrO1d9Vj/kR3hNwfkiDZQ

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks