General

  • Target

    e6e64a5a7dd78c9af2b5c537b926132ef040787c606277191b93e1b0db28254b

  • Size

    269KB

  • Sample

    221021-fcjjmacee6

  • MD5

    536a90fe699c0f9be14f4e76f5b8ca10

  • SHA1

    650d47f6f975b3c7661b6070731b9c86fc001c08

  • SHA256

    e6e64a5a7dd78c9af2b5c537b926132ef040787c606277191b93e1b0db28254b

  • SHA512

    7e6187ab5c82af798ed36b651ee3279ec1b1aea192bfadb4f4cf4beea2e212972ceb2ffa1325d157737826c773bbc1139248a960ac09275b283f5c54efd1a058

  • SSDEEP

    6144:cBZABbWqsE/Ao+mv8Qv0LVmwq4FU0fNoy65a7K/1kknKhv/h:cfANwRo+mv8QD4+0V16M7Kdah

Targets

    • Modifies firewall policy service

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
