General

  • Target: SH2EEsetup.exe
  • Size: 3.7MB
  • Sample: 240325-syfq3sbg86
  • MD5: 5e312d3b677e7e8c699b1d724f8cadfa
  • SHA1: 5acade5bbf96d43cd212e2379ecbd4923d0dd44e
  • SHA256: 896bc923098c0e59a04d004c83812e487870c370ae1bd19e1841afeb6f204366
  • SHA512: beee2d3d1335f92f29eefa471ae5a364de46f33f35109f01a999a7a185b108471f92eb83ea35bc28867f0ab8f9889d436d90f142d4d41a0749cd8f210c8bddc2
  • SSDEEP: 98304:8kLZGLloT7QYTRRx5yNUjlMJ2KWd+8BprX:7ZmloTbTRRny4KWvBprX

Score
7/10

Malware Config

Targets

    • Target: SH2EEsetup.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks