General

  • Target

    app.asar

  • Size

    26.2MB

  • Sample

    240915-xz7cmsyenf

  • MD5

    4b2f3c2a979721edaa7e8141cd9ed59b

  • SHA1

    5a8441a0e7292cfacf776185c5bb0ff64c763005

  • SHA256

    b46ffd5eaa28f8b42970d4b9ac5b5dfab5306e8393676fe6a29ed1e23ab36e80

  • SHA512

    2cfd1000147c005ae0b8412682b78ee6b7220635bc491bab757e1db565060a27eff42c7a12b67585439d34424e41c274f494ae0dfa24a1ff5819ee3eb2bb98db

  • SSDEEP

    98304:N8W9rGH5FeH9Ohy+875uACM1BmTBM3Xtos69otP6dDghdBkgyDxBWNdeViubAbxg:N86T6T8QACMWBgtP6wg0CZWr+yPU6RIZ

Score
10/10

Targets

    • Target

      app.asar

    • Size

      26.2MB

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
