General

  • Target

    bf0be3809933af7472bfe7b7e63fadb8

  • Size

    80KB

  • Sample

    240310-tsp81aga77

  • MD5

    bf0be3809933af7472bfe7b7e63fadb8

  • SHA1

    fc1c72263bb834f287a32cc27e405cb29a269072

  • SHA256

    8f53190b8e174c46db61d15efb40f91ecd2c73a588f9cdd77852972b05600b76

  • SHA512

    02f4c4e571720e28fdeac359976f776f30fbc3ad77fecbe28d0615a0f99c2d1aa01cf9fac764b606910779f1ae701cb94bd39d9b220951266ee1476121c76360

  • SSDEEP

    1536:Lwa65nZFBOHUEs6iqcuyIJ4fnb07w3317NU0hktFlVz1Oewk6Gg5Nin:cbFcCq/Fufnb07YHhKpwHGgDin

Score
8/10

Targets

    • Target

      download.exe

    • Size

      203KB

    • MD5

      953b448a7a9a3c78dbe3dbb3086e4365

    • SHA1

      f5d6c535c2e8f1b7c18d404110e236ad0bf95084

    • SHA256

      75e9587d19b9a554d3806830659391f22fb4b5d580419379616a091ab2fc55be

    • SHA512

      f82848aa7486a3373c08f9899f24c81c8e20c19bf6dfd6f29a73dced9405086ac64683d165ce871ce5a26bfd51f4e9e50bb962614d3c2b30ccabcc33f8059113

    • SSDEEP

      3072:mBAp5XhKpN4eOyVTGfhEClj8jTk+0hu/MEPmWBMmvtGEcKJy9HnuthV9h+f2C8w4:dbXE9OiTGfhEClq9KEpf

    Score
    8/10
    • Blocklisted process makes network request

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
