Overview

overview

10

Static

static

3

0abff87ffd...ee.exe

windows7-x64

1

0abff87ffd...ee.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0abff87ffdb2ef66c7cfc3f96fc785ee

  • Size

    156KB

  • Sample

    231230-cawjmahcd2

  • MD5

    0abff87ffdb2ef66c7cfc3f96fc785ee

  • SHA1

    0ae88e5005542e0a37d021260b71ce0109ad292f

  • SHA256

    a7a7d4b9df6b9aaa5b5627c950b1b484d9506d2d50dc09e85b96748495378a44

  • SHA512

    80853ebb0a32b4aba735cf56e16c90ea7fa0027fbeb6d810636a11f37bd4183b4bd385904ea57c1e8a86e702d6c1e6b74654b87e95c1415b397784b5b80981cf

  • SSDEEP

    3072:PNMt0S4aZhJdxKPE+vgu36MN9vqKyHjm6I1JDVOc2W4oQZiERg7:7m7d0zvhqMN9vgjm6ILDVOAWA

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      0abff87ffdb2ef66c7cfc3f96fc785ee

    • Size

      156KB

    • MD5

      0abff87ffdb2ef66c7cfc3f96fc785ee

    • SHA1

      0ae88e5005542e0a37d021260b71ce0109ad292f

    • SHA256

      a7a7d4b9df6b9aaa5b5627c950b1b484d9506d2d50dc09e85b96748495378a44

    • SHA512

      80853ebb0a32b4aba735cf56e16c90ea7fa0027fbeb6d810636a11f37bd4183b4bd385904ea57c1e8a86e702d6c1e6b74654b87e95c1415b397784b5b80981cf

    • SSDEEP

      3072:PNMt0S4aZhJdxKPE+vgu36MN9vqKyHjm6I1JDVOc2W4oQZiERg7:7m7d0zvhqMN9vgjm6ILDVOAWA

    Score
    10/10
    evasionpersistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks