General

  • Target

    9b3796fb2a20f00625373b16ee333beb

  • Size

    70KB

  • Sample

    240214-kg7jgadg91

  • MD5

    9b3796fb2a20f00625373b16ee333beb

  • SHA1

    59a7ebf3eed41c9ed1d5c8ba386b9eb318e47a86

  • SHA256

    7def052777ebee13f4ca380a8e75fff43b1992ace89087abecce63ded5570a8d

  • SHA512

    517d3dfd5369750dfb4b5bcabd5616bac4fb8c0560388a092f9ffe585892cfa5bc36c646c93c2f59ef5cbf8ffac8dfe05edb7da453640cc09d8ac5c9655796a3

  • SSDEEP

    1536:JCelxfF5W0JQEqA6QmnPFsUA5NYGAoN+a0MX:JZnt5W02HdxAzYroNMm

Score
8/10

Malware Config

Targets

    • Target

      9b3796fb2a20f00625373b16ee333beb

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary appear validly signed, so a passing signature check on this sample should not be treated as a trust decision.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence (the sample decides whether to run based on the configured locale).

    • Adds Run key to start application

    • Drops file in System32 directory
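The four file- and registry-based signatures above can be reproduced as simple detection rules run over an API event trace. The block below is an added example written for this page, not the sandbox's own signature code: the event schema, the registry paths and value names, the file names and the whole trace are constructed assumptions. "Manipulates Digital Signatures" is left out because it is not observable from file and registry events alone.

```python
"""
Added example, not part of the sandbox report: a minimal re-implementation of
four of the behaviour signatures listed above, run over a constructed API
event trace. The event schema, the registry paths and the file names are
assumptions made for this example; the sandbox's own signature logic is not
shown on the page.
"""
import re

# Constructed sample trace in the order a sandbox might log it (not real data).
SAMPLE_EVENTS = [
    {"op": "RegQueryValue",
     "key": r"HKEY_CURRENT_USER\Control Panel\International\Geo",
     "value": "Nation"},                                   # country code lookup
    {"op": "FileWrite", "path": r"C:\Windows\System32\drivers\example.sys"},
    {"op": "FileWrite", "path": r"\SystemRoot\System32\example.dll"},
    {"op": "RegSetValue",
     "key": r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run",
     "value": "example",
     "data": r"C:\Windows\System32\example.dll"},          # persistence
    {"op": "FileWrite", "path": r"C:\Users\Public\notes.txt"},  # benign, matches nothing
]

# Accept both the drive-letter form and the \SystemRoot form of the path.
_SYSTEM32 = re.compile(r"^(?:[a-z]:\\windows|\\systemroot)\\system32\\", re.I)
_DRIVERS = re.compile(r"^(?:[a-z]:\\windows|\\systemroot)\\system32\\drivers\\", re.I)
# Run and RunOnce under HKCU or HKLM; the trailing anchor excludes sub-keys.
_RUN_KEY = re.compile(r"\\software\\microsoft\\windows\\currentversion\\run(?:once)?$", re.I)
# Where Windows keeps the configured country/locale (assumed set of value names).
_LOCALE_KEY = re.compile(r"\\control panel\\international(?:\\geo)?$", re.I)
_LOCALE_VALUES = {"nation", "scountry", "locale", "localename"}


def _is_file_write(ev):
    return ev.get("op") == "FileWrite" and "path" in ev


def drops_in_drivers(ev):
    return _is_file_write(ev) and _DRIVERS.match(ev["path"]) is not None


def drops_in_system32(ev):
    # A write under drivers\ is also a write under System32\, so one event can
    # trigger both signatures, which is what the report above shows.
    return _is_file_write(ev) and _SYSTEM32.match(ev["path"]) is not None


def checks_location(ev):
    return (ev.get("op") == "RegQueryValue"
            and _LOCALE_KEY.search(ev.get("key", "")) is not None
            and ev.get("value", "").lower() in _LOCALE_VALUES)


def adds_run_key(ev):
    return ev.get("op") == "RegSetValue" and _RUN_KEY.search(ev.get("key", "")) is not None


SIGNATURES = {
    "Drops file in Drivers directory": drops_in_drivers,
    "Drops file in System32 directory": drops_in_system32,
    "Checks computer location settings": checks_location,
    "Adds Run key to start application": adds_run_key,
}


def match_signatures(events):
    """Return the sorted names of every signature that fires on at least one event."""
    fired = {name for ev in events for name, pred in SIGNATURES.items() if pred(ev)}
    return sorted(fired)


def first_hits(events):
    """Map each fired signature to the index of the first event that triggered it."""
    hits = {}
    for i, ev in enumerate(events):
        for name, pred in SIGNATURES.items():
            if name not in hits and pred(ev):
                hits[name] = i
    return hits


if __name__ == "__main__":
    hits = first_hits(SAMPLE_EVENTS)
    for name in match_signatures(SAMPLE_EVENTS):
        print(f"[event {hits[name]}] {name}")
```

Running the block against the constructed trace fires all four rules; note that the single driver write at index 1 satisfies both the Drivers and the System32 rule, which is why a report like the one above lists both signatures for one dropped file. When adapting this to real sandbox output, keep the path normalisation case-insensitive and add whatever spellings of the system directory your sandbox emits.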

MITRE ATT&CK Enterprise v15

Tasks