General

  • Target

    iFLYAssistant_4.2.23.22.exe

  • Size

    260.0MB

  • Sample

    240129-fp8dhsafe7

  • MD5

    6a35eda2f58160c5de59182a9605c448

  • SHA1

    195d2633a4e5d3d3e50293a04fe574ae55035232

  • SHA256

    efb8ea524ed4c879d604df36452bbef06f0f2c3005c62f399e9db0c893ce243e

  • SHA512

    63dea7eb4559afb784d4e62e819c64264d427e201ed915e8f68dff9198911100c844887892c4091f9e61d5f22c59dac0c85bc21dbbfae8289fa8fa1c5ccfb188

  • SSDEEP

    6291456:B5xPSh8AxfycoaTAX4o6JIaB1daeNEIsqAZYgK6bvwNtpYUec4J7:B5EAcoSAludaeNE+AKXNtGtc4J7

Malware Config

Targets

    • Target

      iFLYAssistant_4.2.23.22.exe

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Adds Run key to start application

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks