Overview

overview

8

Static

static

3

226a37c777...5e.exe

windows7-x64

8

226a37c777...5e.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    226a37c77701922a65f62a1710076d1015da36077fa9a73e5cfb9543118d475e.exe

  • Size

    8.9MB

  • Sample

    241121-kn4q6a1drp

  • MD5

    9c34eb64f458f748970b157de4c27770

  • SHA1

    47c16397efbab09835b1ebe9e04b698882e0bbe4

  • SHA256

    226a37c77701922a65f62a1710076d1015da36077fa9a73e5cfb9543118d475e

  • SHA512

    a2e6477c8814109580c58f60fca7d1bd991e14052dbc51544b868a66b9757470130ddcb64035e53dcc03118f46876acd87d3f85bfe2d49bd66d5f980ca4dc0ee

  • SSDEEP

    196608:63qCEEkDhSQd4zgdFpcHPHpjooIC93qCEEkDhSQd4zgdFpcHPHpjooICw3qCEEkZ:63qEEuHpjooIW3qEEuHpjooIL3qEEuH4

Score
8/10
discoveryphishing

Malware Config

Targets

    • Target

      226a37c77701922a65f62a1710076d1015da36077fa9a73e5cfb9543118d475e.exe

    • Size

      8.9MB

    • MD5

      9c34eb64f458f748970b157de4c27770

    • SHA1

      47c16397efbab09835b1ebe9e04b698882e0bbe4

    • SHA256

      226a37c77701922a65f62a1710076d1015da36077fa9a73e5cfb9543118d475e

    • SHA512

      a2e6477c8814109580c58f60fca7d1bd991e14052dbc51544b868a66b9757470130ddcb64035e53dcc03118f46876acd87d3f85bfe2d49bd66d5f980ca4dc0ee

    • SSDEEP

      196608:63qCEEkDhSQd4zgdFpcHPHpjooIC93qCEEkDhSQd4zgdFpcHPHpjooICw3qCEEkZ:63qEEuHpjooIW3qEEuHpjooIL3qEEuH4

    Score
    8/10
    discoveryphishing

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • A potential corporate email address has been identified in the URL: 67C716D751E567F70A490D4C@AdobeOrg

      phishing

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks