Resubmissions

25-09-2024 14:02

240925-rcfzaasenf 8

25-09-2024 14:02

240925-rb6tbaygpk 8

General

  • Target

    55f813b368e7834f7f692c2e2451b8f2.exe

  • Size

    37KB

  • Sample

    240925-rcfzaasenf

  • MD5

    55f813b368e7834f7f692c2e2451b8f2

  • SHA1

    3ff5aee5e0acd936ddabe4ec6113744988d526d3

  • SHA256

    f6df63c031b23c4fc8f3d235284539fa4745086388e10e2d226564dea47ab54a

  • SHA512

    941663b113c4fb35ccae4428bf37717c78e96ea832c9700de92741f39c1cef65bd2adbf1ae4138ba5d3d97e9f8381b50425a6f7d760ca1f49e33a6305ae9074b

  • SSDEEP

    384:d4so92aul8VctMCqTX3xAkSVE6B95rfRqzhBaSUR4WVJl/vrseE7+Db9/:d4s6ulPg6XO66WRqGB

Score
8/10

Malware Config

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks