Overview

overview

8

Static

static

3

App_02029.exe

windows7-x64

8

App_02029.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    d25121a968d01c4096fed064d639676ec28ba827380a69918c17d2f8da513345

  • Size

    17.6MB

  • Sample

    240419-thzdxshd9s

  • MD5

    d413d3cb48058c1045278adae26c4723

  • SHA1

    f322618c7d47f817682ab26113c199a8ed05db1d

  • SHA256

    d25121a968d01c4096fed064d639676ec28ba827380a69918c17d2f8da513345

  • SHA512

    aa91547de34192c17c3549fb4acbe88466bc3f6e2c12849d9d1a476f7787e6569ea0ecb781075581640f69e96d324f2d4fe8f5d03ac82ba04f932d298c436b84

  • SSDEEP

    393216:ItAFeYdanCV65QnfXtqovkLsdEkjQquCk7P4C08pMSxBOhgM:It0dlVUQn/0iSk9uxk87Xg

Score
8/10

Malware Config

Targets

    • Target

      App_02029.exe

    • Size

      64.8MB

    • MD5

      995dbb413082280c682804497c04f98d

    • SHA1

      f2ce357165521371ba1fd610d8943803acd709db

    • SHA256

      62e685bc9cb81e2826f7a85083936317788756c7c1e1cf7667b1eaf815555a4f

    • SHA512

      9bf3739cb0d1c2f5254911e7060fe8718f1842a9f699945c35a71047e0bd971690f8f31fb8d123ed1042ffb822d3c290b1871aae8bda5206c0fda0cf94158ae4

    • SSDEEP

      196608:DPoufwrXnmsUML1WCvRVDOknyc2ICFWlWlWlWlW6WlWOkh:DPoHms0CvRVO3WlWlWlWlW6WlWFh

    Score
    8/10

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks