Overview

overview

8

Static

static

3

WheelCompa...er.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    WheelCompatibilityInstaller.exe

  • Size

    10.5MB

  • Sample

    240218-sj7w1sca97

  • MD5

    3208c7103288235bc554402efda7fda2

  • SHA1

    410e37d809cb214a7b0d8fca90528eac3ececd8b

  • SHA256

    570b9fedcb5914aa74dfe871fde7c82cb80e03b63c490d63c329deb1b032a162

  • SHA512

    aa995abf1bf8f41b5ab68b232cbb91091239d56bc817b26385fdf70e6b2dd37144b8b95a22ab246654ef320a858bbd14359003cca59412121bbb7e5c9dd57323

  • SSDEEP

    196608:C+pjVt06mXbRV5b+7fUUjAwfbtcYkSasjfHqcXXW/ThuRqSJSS:C8W6mrRHb+7MUjdtIsjfKeXs8A0

Score
8/10
discoverypersistence

Malware Config

Targets

    • Target

      WheelCompatibilityInstaller.exe

    • Size

      10.5MB

    • MD5

      3208c7103288235bc554402efda7fda2

    • SHA1

      410e37d809cb214a7b0d8fca90528eac3ececd8b

    • SHA256

      570b9fedcb5914aa74dfe871fde7c82cb80e03b63c490d63c329deb1b032a162

    • SHA512

      aa995abf1bf8f41b5ab68b232cbb91091239d56bc817b26385fdf70e6b2dd37144b8b95a22ab246654ef320a858bbd14359003cca59412121bbb7e5c9dd57323

    • SSDEEP

      196608:C+pjVt06mXbRV5b+7fUUjAwfbtcYkSasjfHqcXXW/ThuRqSJSS:C8W6mrRHb+7MUjdtIsjfKeXs8A0

    Score
    8/10
    discoverypersistence

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks