General

  • Target

    m.exe

  • Size

    626KB

  • Sample

    240525-3gn18sed9x

  • MD5

    d2f4bc9f0ab5fb441220de0747acba90

  • SHA1

    52be243937507dd83e370da1045c18579a836cd9

  • SHA256

    f9c6e5c3d5349a47e51c11e9e8e537bd803ed6f793136c2f7dfc1f5028c0079e

  • SHA512

    d21bab345fb1a5e8dc841cade9fd9c8429d3fd32c9269980a4e1c5a45d8685f07ff33d8244473ea25eb4431b7bbb1908b1161612302941c6054ae541ab9e0a96

  • SSDEEP

    12288:Me37ZoSHwaPDGDlIxYWX+t4XSliZVqyEdIpqUpMS5KU:foraPDGDlIxYUfdEdEdp

Score
7/10

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
