Overview

overview

7

Static

static

3

66e705d09b...ck.exe

windows7-x64

7

66e705d09b...ck.exe

windows10-1703-x64

7

66e705d09b...ck.exe

windows10-2004-x64

7

66e705d09b...ck.exe

windows11-21h2-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    66e705d09b33c_jack.exe

  • Size

    4.1MB

  • Sample

    240921-1c9q2avejb

  • MD5

    abdbcc23bd8f767e671bac6d2ff60335

  • SHA1

    18ca867c0502b353e9aad63553efd4eb4e25723f

  • SHA256

    45a7b861baac5f8234433fefd9dbdd0a5f288a18b72346b6b6917cf56882bf85

  • SHA512

    67c00713e6d24d192c0f8e3e49fa146418faf72b2bb42c276ad560f08e39c68f4ab446c47c7e7710778aee9ca1f193ad65e061645b6bcec414844165b5e16bc7

  • SSDEEP

    49152:HYcdjDQdrscIC5SmTT+mfkj8J6iKG7suEAeMDsaUmxb7WnpRGnKuAsF33PKQTunw:HK/f+mfNptIZ/alxGR7uA8Phanzuhjf

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      66e705d09b33c_jack.exe

    • Size

      4.1MB

    • MD5

      abdbcc23bd8f767e671bac6d2ff60335

    • SHA1

      18ca867c0502b353e9aad63553efd4eb4e25723f

    • SHA256

      45a7b861baac5f8234433fefd9dbdd0a5f288a18b72346b6b6917cf56882bf85

    • SHA512

      67c00713e6d24d192c0f8e3e49fa146418faf72b2bb42c276ad560f08e39c68f4ab446c47c7e7710778aee9ca1f193ad65e061645b6bcec414844165b5e16bc7

    • SSDEEP

      49152:HYcdjDQdrscIC5SmTT+mfkj8J6iKG7suEAeMDsaUmxb7WnpRGnKuAsF33PKQTunw:HK/f+mfNptIZ/alxGR7uA8Phanzuhjf

    Score
    7/10
    discoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks