General

  • Target

    4c9d7438e4f82a53a645c112b22113c5

  • Size

    380KB

  • Sample

    240108-2dgbjsdfer

  • MD5

    4c9d7438e4f82a53a645c112b22113c5

  • SHA1

    c7693156791ce2d538e651fabca86da822477584

  • SHA256

    47cad491bdbc67f0497e239128860709a830c6d137268800240536190993f5b9

  • SHA512

    71ef125c3ba93c6b5ff2076c59e7b1a927e23ddb364fd8970fb41d64f2cc802c8607d88cc4af15010fa4327e9815858b82f491bc8da29d0f9b914ecf02edd7bf

  • SSDEEP

    6144:BhYeUK1Zc/jWhvd0yTN8jT0M1zWyjYd0cdo:3Y7KQeV0Ce0IzWvW

Score
10/10

Targets

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
