Overview

overview

8

Static

static

3

b258bae20f...1N.exe

windows7-x64

8

b258bae20f...1N.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    b258bae20f51d60bde41551e5a8da42a552412f2091fe06f8590dcac7d9a5131N.exe

  • Size

    495KB

  • Sample

    240925-tw3y9svenj

  • MD5

    4ad6068cae8d6285aa881ebaf2df02a0

  • SHA1

    a6f46b31b5d21a97d502f21368b5d91f970f2add

  • SHA256

    b258bae20f51d60bde41551e5a8da42a552412f2091fe06f8590dcac7d9a5131

  • SHA512

    ecdc4295a5f04cb919d7499a2e783ade2d701ec42992ed9ca2c47367aa3af0915f230561b0f386f9156157f514dc2cf55f721c42fdb30fb03cd9865cfb7a5813

  • SSDEEP

    6144:MZaZaZaZaZaZaZaZaZaZaZaZaZaZaZ5t6KYZLLfZNA:MwwwwwwwwwwwwwwdDj

Score
8/10
discovery

Malware Config

Targets

    • Target

      b258bae20f51d60bde41551e5a8da42a552412f2091fe06f8590dcac7d9a5131N.exe

    • Size

      495KB

    • MD5

      4ad6068cae8d6285aa881ebaf2df02a0

    • SHA1

      a6f46b31b5d21a97d502f21368b5d91f970f2add

    • SHA256

      b258bae20f51d60bde41551e5a8da42a552412f2091fe06f8590dcac7d9a5131

    • SHA512

      ecdc4295a5f04cb919d7499a2e783ade2d701ec42992ed9ca2c47367aa3af0915f230561b0f386f9156157f514dc2cf55f721c42fdb30fb03cd9865cfb7a5813

    • SSDEEP

      6144:MZaZaZaZaZaZaZaZaZaZaZaZaZaZaZ5t6KYZLLfZNA:MwwwwwwwwwwwwwwdDj

    Score
    8/10
    discovery

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks