Overview

overview

8

Static

static

3

a221ccdf5a...87.exe

windows7-x64

8

a221ccdf5a...87.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a221ccdf5a5263583542939a86c22f87

  • Size

    373KB

  • Sample

    240224-sa9z1sfa35

  • MD5

    a221ccdf5a5263583542939a86c22f87

  • SHA1

    2b6e3731623f3232d630bfd1b52007d42ec2243c

  • SHA256

    9d0bfaf6f7d61a8e8b1aefa16a1bf1d3f366ec8a01cde7d285f9572a93bb64ab

  • SHA512

    ad7fc54d065ef0344ee49e293460afd16cee92c4da1d5531833d6484e3ee6f43fed1e3c0c94de8d936a41d61c573a7b2742ca21961e636227b9f7208f237260e

  • SSDEEP

    3072:MEsm2Y60+0cJB/JO08G/fEsmZEsm2Y60+0cJB/JO08G/fEsmZEsmZEsm2Y60+0c2:MZ15BHfZ8Z15BHfZ8Z8Z15BHM

Score
8/10

Malware Config

Targets

    • Target

      a221ccdf5a5263583542939a86c22f87

    • Size

      373KB

    • MD5

      a221ccdf5a5263583542939a86c22f87

    • SHA1

      2b6e3731623f3232d630bfd1b52007d42ec2243c

    • SHA256

      9d0bfaf6f7d61a8e8b1aefa16a1bf1d3f366ec8a01cde7d285f9572a93bb64ab

    • SHA512

      ad7fc54d065ef0344ee49e293460afd16cee92c4da1d5531833d6484e3ee6f43fed1e3c0c94de8d936a41d61c573a7b2742ca21961e636227b9f7208f237260e

    • SSDEEP

      3072:MEsm2Y60+0cJB/JO08G/fEsmZEsm2Y60+0cJB/JO08G/fEsmZEsmZEsm2Y60+0c2:MZ15BHfZ8Z15BHfZ8Z8Z15BHM

    Score
    8/10

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks