General

  • Target

    906ae8aea2c1a37d28081e15f4200d60N.exe

  • Size

    169KB

  • Sample

    240905-tvfgksvbmp

  • MD5

    906ae8aea2c1a37d28081e15f4200d60

  • SHA1

    fae2b5e36b6f73b50d3f59886f7d5a1d6b885e35

  • SHA256

    0b986c6cc99c8e846c9f44953fe85d5ee833f3459a1fa527e2a4253eb8e2fca8

  • SHA512

    5314e48ba836b27af7849f207f823ecbb03083e34c1f00d64baa01f71e137838d21319b3d5e84dd6f61284dcf4b4bfbfc7f0587878d9988e086b2dc28e4f2b78

  • SSDEEP

    3072:414mOxrKFNZYhrgtRFuV2DDbuiTf3hPsOraS87FYqjTZbn4TGh:4nYWYhrgtRo6DSiTf3hPswa1TZjxh

Targets

    • Target

      906ae8aea2c1a37d28081e15f4200d60N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Adds Run key to start application

    • Checks for any installed AV software in registry

    • Suspicious use of SetThreadContext
