General

  • Target

    Scanner.exe

  • Size

    9.1MB

  • Sample

    240507-1ytlyaab7v

  • MD5

    a4758c397c82f9dadf3cb8bcadc6e6b5

  • SHA1

    dc2983aacffe8cbc5daf3c5f81f17e069642804c

  • SHA256

    49548ca03d20e77ef8ad6893d4cd7b513ffccac42a2e1c91bdce67292ed52deb

  • SHA512

    0f55715bc09260056c2ddc169bda1d38801d8f11effa855f300a5e1b57738c7cfb6c99b388ed7bbcff87754c4bb23396533e4218831d8c93f69a96d9a6698f24

  • SSDEEP

    49152:VU0pMvJbL1NjmuSrt9O+LAdC+np5veIHv2D33ta7cNRBg9xdUraNGbKucG051r8j:GXi0ORqur+n9NuT3sCX/9EZh8Dnh

Score
8/10

Malware Config

Targets

    • Target

      Scanner.exe

    Score
    8/10
    • Downloads MZ/PE file

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory
