Overview

overview

6

Static

static

1

PL2W.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

  • Target

    PL2W.exe

  • Size

    11.1MB

  • Sample

    250706-f776gaaq91

  • MD5

    875e39635b9caa7f8987f4a2347e8623

  • SHA1

    fe618ff0dde22ebf6dea95a2a104eec6c512ed44

  • SHA256

    1dadd80bfa93237180e53dfb4ee8e033900a26b63b8203c8d922ac9edf260ab0

  • SHA512

    7892b102e14f85494573f84763b2d9f7557966dd29e6a003e16889e03908d580c94dceff9cbc3164e19a7cf0acf66f742c9a46608b5d1a69d16aa71c7cbf6cf9

  • SSDEEP

    196608:TYRGuH409xtKY75HyC5uvrqaUgYH/IHe8:luHPxt7ZXa4H/IHe8

Score
6/10
defense_evasiondiscoveryexecutiontrojan

Malware Config

Targets

    • Target

      PL2W.exe

    • Size

      11.1MB

    • MD5

      875e39635b9caa7f8987f4a2347e8623

    • SHA1

      fe618ff0dde22ebf6dea95a2a104eec6c512ed44

    • SHA256

      1dadd80bfa93237180e53dfb4ee8e033900a26b63b8203c8d922ac9edf260ab0

    • SHA512

      7892b102e14f85494573f84763b2d9f7557966dd29e6a003e16889e03908d580c94dceff9cbc3164e19a7cf0acf66f742c9a46608b5d1a69d16aa71c7cbf6cf9

    • SSDEEP

      196608:TYRGuH409xtKY75HyC5uvrqaUgYH/IHe8:luHPxt7ZXa4H/IHe8

    Score
    6/10
    defense_evasiondiscoveryexecutiontrojan

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

      execution

    • Network Share Discovery

      Attempt to gather information on host network.

      discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1

MITRE ATT&CK Enterprise v16

Tasks