General

  • Target

    7ab0f654bf74155e0542f24c0d28b76d

  • Size

    565KB

  • Sample

    240127-tnxghsfdg8

  • MD5

    7ab0f654bf74155e0542f24c0d28b76d

  • SHA1

    7779d605855c78bb157415e819b26e066ba592c6

  • SHA256

    0570d9e5e65df71ecaf1bb2a2c40ff6fb195051a0d7aafc6d60ee03fe4cad7ef

  • SHA512

    ca323b6018b595fc718b94dbe72403521a2dae008bf351bd01b5652dfd914af911b3471431aa923e3b6a6c7c67c143c7dcc8bbbc2b68c76f7baa3ae8b8cdf6b4

  • SSDEEP

    12288:SA9KBlzwTINPNus8nv93l25FGFZI9Kxo9tf45uA8Y:SA9qwT6Wv725FGdxEdY

Score
9/10

Targets

    • Target

      7ab0f654bf74155e0542f24c0d28b76d

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
