Overview

overview

8

Static

static

1

Screenshot...56.png

windows7-x64

8

Screenshot...56.png

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Screenshot 2024-07-05 123256.png

  • Size

    172KB

  • Sample

    240705-reakaascka

  • MD5

    b03ecd23f7f0105033d66a5f91e2e6d4

  • SHA1

    51157b7fba1b65f62e79a523ddeb6549d649e582

  • SHA256

    e3c1f0076790b69fb8cc26f69b2b449260ed4e6b1d5502b0866a4328ec0e43b1

  • SHA512

    53c0f985d584b290895eea2f840206134429cf24150d05d57cde5051b7074b6ab95c51675a45b95481b80116ff87ff29132acfcb9f1197642e0b16aa62fdba42

  • SSDEEP

    3072:a97tHef5t8jClys9XywInrUcFpGvuJkeNAdQtDcIIwLG4:uxwiGlXh+rUcFpGv1eaKcII14

Score
8/10

Malware Config

Targets

    • Target

      Screenshot 2024-07-05 123256.png

    • Size

      172KB

    • MD5

      b03ecd23f7f0105033d66a5f91e2e6d4

    • SHA1

      51157b7fba1b65f62e79a523ddeb6549d649e582

    • SHA256

      e3c1f0076790b69fb8cc26f69b2b449260ed4e6b1d5502b0866a4328ec0e43b1

    • SHA512

      53c0f985d584b290895eea2f840206134429cf24150d05d57cde5051b7074b6ab95c51675a45b95481b80116ff87ff29132acfcb9f1197642e0b16aa62fdba42

    • SSDEEP

      3072:a97tHef5t8jClys9XywInrUcFpGvuJkeNAdQtDcIIwLG4:uxwiGlXh+rUcFpGv1eaKcII14

    Score
    8/10

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks