General

  • Target: Purchase Order .zip
  • Size: 378KB
  • Sample: 231002-sdvphabh2t
  • MD5: 20374ec15334e8156f6c74fa622727a8
  • SHA1: e6ebbc7b866ecc4bdb2c4c613f5af079ddc78d5d
  • SHA256: 5154c7f634096d8f89d99ef54a306761a6128936e6260ca5ea7d123cb6dac052
  • SHA512: 43273011c64a04022797ee32a78d11d23a578db6b26a77b22e1d9b06426076d52b2ea7f37c1fae94cd82f6b29d6f62c31cd2f48492af4d9a4d99eae082bcfbd3
  • SSDEEP: 6144:QD1u/ASar6XZnaiJdsjF1z0x1+2sAO/eGMo1ahmWv4909zRNmCOnJohQPGK/q42C:Q5SaHi/AF1on9+/f1wmWZ9z8nGQOyP2C

Score
7/10

Malware Config

Targets

    • Target: ebede.exe
    • Size: 392KB
    • MD5: b01746305f5f6173bc489cce8f144b71
    • SHA1: 01aebe1b1c7ea5d4d0d43b195536353c41167713
    • SHA256: 738716f118a29c164740d59ca19da16459eef1c2de1758d9ffed42434c0b364a
    • SHA512: 9bac52b1187762a53040302266b953f589857b8d7307557ad0ef6594cc149abe4e4bea5742695cdcbfefefd9fe99ee38469d246aa2a4d3753b342b9627e1bab7
    • SSDEEP: 12288:BnPdwWSaJi/AF1qn9y/X1w8WZ9V2nEQOyP+SkX:9Pdwwi/A+9yfi82L2nEM6X

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks