General

  • Target

    60761883606401d50efcb7441ee6214e4b1e90e89554ab7df2aa852a970807ae.exe

  • Size

    817KB

  • Sample

    240625-bt2z3sshnc

  • MD5

    2be4b5cce1ede988316ff1630d2335b8

  • SHA1

    c0bb22cc270aec90d7c9d49bf3657380c3972ee9

  • SHA256

    60761883606401d50efcb7441ee6214e4b1e90e89554ab7df2aa852a970807ae

  • SHA512

    c3a423882ae4d8bde69b7dc0dba6bc3cfa619d5c8f419079523e5e446fd2f984bd6251a536c4b9390fe5543ed74fa894a092795d96e0a95edf4c7008710fbafe

  • SSDEEP

    12288:26L6MFtj7DYeBQ0ZXXohXGnt5+qund6NMpMn0Vk7gN/UMz7iH1T4tIEdPkR:fZQ0dAOQdqMK0iMNb70StBdK

Score
9/10

Targets

    • Detects executables packed with SmartAssembly

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Suspicious use of SetThreadContext