General

  • Target

    a2b63d9a2848033bc8f0bfeb3cbeacd2

  • Size

    332KB

  • Sample

    240224-zhxg8aeh9z

  • MD5

    a2b63d9a2848033bc8f0bfeb3cbeacd2

  • SHA1

    d802296f700432f7da660840fe19f2c82a1ed6db

  • SHA256

    5c877175974a5fd36d27ce10fc0ca70aa20555779c6098b19d35431575f57dc0

  • SHA512

    2ce892a16e40d48e4122989efc3fc8b7d844109e94f1141a82f309081eae9e7437ddbbc13c5d4e38ced75a07c8071835a796c91306bf4b2cbb7a229409e56485

  • SSDEEP

    6144:3cWMJJhqryYP/daqmhzya865UMlFSwJ91gVMHTBYcSojEVWS5IvaIr:3czJJhqrVPlKwaoMlEmuKTBFljq5KaIr

Score
7/10

Targets

    • Target

      a2b63d9a2848033bc8f0bfeb3cbeacd2


    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
