Resubmissions

14/05/2024, 01:24

240514-bsgbzsea94 7

13/05/2024, 21:44

240513-1lq1aaeh5t 7

General

  • Target: YVLHFAC#XJFDRAZNVUHA.zip
  • Size: 5.5MB
  • Sample: 240513-1lq1aaeh5t
  • MD5: a460244a631b1b934fef9d75ecb55695
  • SHA1: 7b2361caa0590e2d5888026c727f79f8c3e41011
  • SHA256: 469d9d4815a2a5ef207f9c4ad6bafc7d8c1cfba3d432862961895f6d4fffac8f
  • SHA512: 521e009cf18f29ee598357aff7079e9d1f946d9bb3d367b9e0ef85e883cf9402ace8e8f247a2219a150ff003c79ecb6f6c6995a0145264ce11331189020d4142
  • SSDEEP: 98304:0xjko9kyYh6IGWLpcE70C9FYS8q42fB3PnfPMSAjOb83bgwbDbflc2hx0c+bwwv/:0J5EOE70C9GL2flkOY3kwbVxAfn

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP address.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandbox environments.

MITRE ATT&CK Enterprise v15

Tasks