Overview

overview

8

Static

static

3

noclip.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    noclip.exe

  • Size

    556KB

  • Sample

    240629-y3myvavfke

  • MD5

    e84e4da0f16e40521247870311efd7ac

  • SHA1

    30683171aae1e7dd7288e3b1ad7ef1fbde632365

  • SHA256

    fa4da01ef3e3d6eca87a36ba135e9b2084461a68e975895bc57050f6ab472def

  • SHA512

    0b763636a40bf7bb09521859db1b78ea205bc17a6fe685851a1dce8d3f64a101267c56f706742a7c2dab0e61709924126793853ffa3f84bb706145e6817dbb2b

  • SSDEEP

    12288:VRSNhZBlfA8/C8sSoC+PZE9O2bJIC0fDNNr:VsfA8K8J+O93l0fZF

Score
8/10
persistence

Malware Config

Targets

    • Target

      noclip.exe

    • Size

      556KB

    • MD5

      e84e4da0f16e40521247870311efd7ac

    • SHA1

      30683171aae1e7dd7288e3b1ad7ef1fbde632365

    • SHA256

      fa4da01ef3e3d6eca87a36ba135e9b2084461a68e975895bc57050f6ab472def

    • SHA512

      0b763636a40bf7bb09521859db1b78ea205bc17a6fe685851a1dce8d3f64a101267c56f706742a7c2dab0e61709924126793853ffa3f84bb706145e6817dbb2b

    • SSDEEP

      12288:VRSNhZBlfA8/C8sSoC+PZE9O2bJIC0fDNNr:VsfA8K8J+O93l0fZF

    Score
    8/10
    persistence

    • Sets service image path in registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks