Overview

overview

7

Static

static

3

vm-uw.exe

windows7-x64

7

vm-uw.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    vm-uw.exe

  • Size

    566KB

  • Sample

    240611-v91azavhjm

  • MD5

    78c6129bfd81f88cfb7171caf2d386a1

  • SHA1

    f626224572dea0bc2983e3b3986bd1c1af5533ce

  • SHA256

    aa1ad7c508d497292d1e017b946cc381be204bd641543bcf584da286eb6f685f

  • SHA512

    38d0f61a25f015ad149765ced45ab81591ec02f9fe290c1560db9f53f9b7e6edc371eaebbcc54156006e63fe323b976bf560b9db69328f5ffe0fd9b734a9717b

  • SSDEEP

    12288:LQM9bROJmafSPZDz7qElw2KxPo0q7qzC9b/uEvtHKYTsviIR8Cufe9ZqQwExr//R:Ld9Mrf7iaNVxowGT/M

Score
7/10

Malware Config

Targets

    • Target

      vm-uw.exe

    • Size

      566KB

    • MD5

      78c6129bfd81f88cfb7171caf2d386a1

    • SHA1

      f626224572dea0bc2983e3b3986bd1c1af5533ce

    • SHA256

      aa1ad7c508d497292d1e017b946cc381be204bd641543bcf584da286eb6f685f

    • SHA512

      38d0f61a25f015ad149765ced45ab81591ec02f9fe290c1560db9f53f9b7e6edc371eaebbcc54156006e63fe323b976bf560b9db69328f5ffe0fd9b734a9717b

    • SSDEEP

      12288:LQM9bROJmafSPZDz7qElw2KxPo0q7qzC9b/uEvtHKYTsviIR8Cufe9ZqQwExr//R:Ld9Mrf7iaNVxowGT/M

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks