General

  • Target

    6fb50713314e5efdea6285202214fbbf

  • Size

    54KB

  • Sample

    240122-r8mfyahfh2

  • MD5

    6fb50713314e5efdea6285202214fbbf

  • SHA1

    0ca70c75795286d099e1ab7559b8f8a5c5061df6

  • SHA256

    51c2c22dd1b44e70b2b5ce8a9bb10b279527e03dbfb60d0810e7b4b2dc1c2dc3

  • SHA512

    855df736f424c765a7561a11807af24fefc64cb5d6a10bddfe0cd525be6249f30c26523abbaca320653bcf210d1efc2a174182ba37fdb2bf24878ba012a8fd40

  • SSDEEP

    1536:/KZiivgFkkHnjXVJj+AvIvWC61AIRNG4ij:UvcDHnjFByvb613A

Score
8/10

Targets

    • Target

      6fb50713314e5efdea6285202214fbbf

    Score
    8/10
    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
