General

  • Target

    572ea4ad0dc921c61ca50cc93a92f916b21999cfc27b220e9bae9466898fb24a

  • Size

    3.1MB

  • Sample

    240727-hpesbawapd

  • MD5

    0794b4c99b4e217967e91cfa0bd8f04b

  • SHA1

    711570a7ebcfb5644f27e0a97d02631bcd305319

  • SHA256

    572ea4ad0dc921c61ca50cc93a92f916b21999cfc27b220e9bae9466898fb24a

  • SHA512

    89330f569d5a344afd18969f1e758c7c4ae228004df8fa168fa7a1ce1fd8eeee8aa9b10b0497efc8e160b2046f64b12436062f9e1066aab86b322b4b90003f93

  • SSDEEP

    98304:iG6zWyZLavZ4KpzGj9W1O0gN5t3TX/9dBKlDM:ivcR4WXgDt5bv

Score
7/10

Targets

    • Target

      572ea4ad0dc921c61ca50cc93a92f916b21999cfc27b220e9bae9466898fb24a

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
