Overview

overview

8

Static

static

3

630f154b81...cf.exe

windows7-x64

1

630f154b81...cf.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    630f154b816a6412a621ad2173738a6063a0b61a14375342879666fc97b43dcf.exe

  • Size

    2.2MB

  • Sample

    240212-dnd26sdc86

  • MD5

    ff6a97f7237340437c36c597b1b4b4a0

  • SHA1

    d8332b167a813713507d12aa84d0c8156787b258

  • SHA256

    630f154b816a6412a621ad2173738a6063a0b61a14375342879666fc97b43dcf

  • SHA512

    7c271cb4e986b9634ee87eb5b8ce06f48ad7459209a82a8e8343c76d168d18c0d2d39033f962efa24998e3429900a117bd7bef7465a372d2ae913ad7f9d729a0

  • SSDEEP

    49152:7PxJxCKDN29VzbJVACCQUv9OUsvpYCcRwj79MVqg78+rWv1+FTqSkPFqzybEluam:dCIeBEQUv9AqCh9Ml8Bv1+FqSkPFqzct

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      630f154b816a6412a621ad2173738a6063a0b61a14375342879666fc97b43dcf.exe

    • Size

      2.2MB

    • MD5

      ff6a97f7237340437c36c597b1b4b4a0

    • SHA1

      d8332b167a813713507d12aa84d0c8156787b258

    • SHA256

      630f154b816a6412a621ad2173738a6063a0b61a14375342879666fc97b43dcf

    • SHA512

      7c271cb4e986b9634ee87eb5b8ce06f48ad7459209a82a8e8343c76d168d18c0d2d39033f962efa24998e3429900a117bd7bef7465a372d2ae913ad7f9d729a0

    • SSDEEP

      49152:7PxJxCKDN29VzbJVACCQUv9OUsvpYCcRwj79MVqg78+rWv1+FTqSkPFqzybEluam:dCIeBEQUv9AqCh9Ml8Bv1+FqSkPFqzct

    Score
    8/10
    evasionpersistence

    • Creates new service(s)

      persistence

    • Drops file in Drivers directory

    • Stops running service(s)

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks