General

  • Target: 85e95ec16a8c138032a40f9ec6448378
  • Size: 107KB
  • Sample: 240201-ey6evadafq
  • MD5: 85e95ec16a8c138032a40f9ec6448378
  • SHA1: c0a5b88e02d11b11568daaad9a2bc1293d47a647
  • SHA256: c5dd8d65b08a1d339eb6318b1a08ba91d09931d0afbedc4af93b4e3fabfe4fc1
  • SHA512: 868370cd08bebf8fee08462530c88dc381aea2b79120c92e9c42c39f8c41788498906d490e3f2638b0fecd952913f8436b7b7d41b04598830bba4bab9eeecb1c
  • SSDEEP: 3072:TO9dhLlTfMl7CLmiLhiO3jMVe/O0P06bchux:aJhiCkO3jMVcP06oha

Score: 8/10

Malware Config

Targets

    • Target: download.exe
    • Size: 203KB
    • MD5: ddc256f409bf0b8e9647497da0c02077
    • SHA1: 5f17007371a209876bec6e467fbbab7634cb93b6
    • SHA256: 5114a34a00f9cb4273df0778733e2ffb006f74a065ecc0e82311f6ceb8bd2e09
    • SHA512: d4d10039597dcdde99d8b25e4c5bcaad7514dc54f2296220e7fd108e02030b926943f53d2c622f8212340f48c9568dc000432a8ab83052c64c15c3bcfc4eed12
    • SSDEEP: 3072:rBAp5XhKpN4eOyVTGfhEClj8jTk+0hJ8D4RD0c0rpOdt/46KC5NV/2iBY:WbXE9OiTGfhEClq9YKXcP7/UCpS

    Score: 8/10

    Signatures:
    • Blocklisted process makes network request
    • Drops file in Drivers directory
    • Checks computer location settings: looks up the country code configured in the registry, likely a geofence check.

MITRE ATT&CK Enterprise v15

Tasks