Resubmissions

06/07/2024, 16:47

240706-vam7csvhlr 6

06/07/2024, 16:46

240706-t96x3sxgqg 1

General

  • Target

    dotnet.exe

  • Size

    103KB

  • Sample

    240706-vam7csvhlr

  • MD5

    469ca5a718596344a2977ccd92cc11ea

  • SHA1

    62263271db3891e9d97e82bcde266db32d9907f2

  • SHA256

    19f492b920ffefbbe2a3bac87b2a3020929a2f880d979f90dfaba40685c29f1e

  • SHA512

    07266dbbf74be241a81f6a66ace2bdc45811de323bb0f59860c98dd9fb9b869390e117ceac1a30f9031eb55b9a15ddb8f1b5629c113e436362b0fda68b5f5baa

  • SSDEEP

    3072:GtXAN7RTNnZLwsuqoGeJBarn3JmYS8mQzD9wN0Wwbs+yM63p1fy0eaNmglNol7bq:GXANlNnZ0suqoGuBar3JmYS8mQzD9wNn

Score
6/10

Malware Config

Targets

    • Target

      dotnet.exe

    Score
    6/10
    • Checks for any installed AV software in registry

    • Downloads MZ/PE file

    • Legitimate hosting services abused for malware hosting/C2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15

Tasks