Resubmissions

    Time              Sample              Score

    08-09-2024 12:45  240908-py3daswhkn   7
    08-09-2024 12:32  240908-pq3n4aycqf   7
    08-09-2024 12:16  240908-pfhwyaxgme   10
    08-09-2024 12:00  240908-n6lj3sxcmf   7
    08-09-2024 11:38  240908-nr29aawekf   10

General

  • Target: advanced_systemcare_pro_v17.6.0.322___fix.zip
  • Size: 21.7MB
  • Sample: 240908-pq3n4aycqf
  • MD5: 2e6504d4eef2e03f5c1151d713ad4fc5
  • SHA1: c49b72aa6c3f23034f516857390d899a25e8f4f8
  • SHA256: beda3334ba514f8b961f01e1b5e1ce651304658046267f502c520b5bba387889
  • SHA512: 1f9efc8d0e2ec42a35dec0f6353828dedca3244567a5cd7f0995892dfd5fbd9cc12252c34a6a05fa5bf099594d4dd04f17d418f03f8c6b7f9a0257bc43024974
  • SSDEEP: 393216:VUi1l8b3i+cKNn4PfcZYiHc3sdGGo5woX40LP5CVtT6cfWDjax/Gle26xzDJ:VN8b1S3+YGc8dGPXl5CX6caq/GwJ1DJ
  • Score: 7/10

Malware Config

Targets

    • Target: advanced_systemcare_pro_v17.6.0.322___fix.exe
    • Size: 923.3MB
    • MD5: 56350b49279ccf7a67d8149a9c25ab4b
    • SHA1: 77a78bbf68ab7564b5f0aecafb84173363f3f22e
    • SHA256: 18bcbd5161a3311538446b0497ccfa40fde691e1afdbdbb083a156288ea5f666
    • SHA512: 775425c7607e9aa99b5c1ab0a914b602c0d038639b484c1eb263fb5da07ab7103a867370782d6200c10a8f1f5fca145eb518851f081eb2b6e8664d9a76d06b92
    • SSDEEP: 786432:aK8eGdUugDCFZUiX8Uk3Ll7pkyAdXroyghObNrG:aKydJgGFaiX8UyLZpkyAdXrpLbE
    • Score: 7/10

    • Checks computer location settings
      Looks up the country code configured in the registry, likely a geofence.
    • Executes dropped EXE
    • Looks up external IP address via web service
      Uses a legitimate IP lookup service to find the infected system's external IP.
    • Enumerates processes with tasklist
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks