Overview

overview

8

Static

static

3

79bf643bd0...bf.exe

windows7-x64

8

79bf643bd0...bf.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    79bf643bd019830ddeea79d738f344bf

  • Size

    168KB

  • Sample

    240127-kba83sgec6

  • MD5

    79bf643bd019830ddeea79d738f344bf

  • SHA1

    c6f1b1a2231a90bcac591405ae7fcaedca0a91e6

  • SHA256

    7f7b62f546109ab0c734cbd8397deef2f4f1dfe27714c0c5bbe86ba315b88985

  • SHA512

    97d2670cd819921bde674b6b9965eee8f821cbfde50f7e070e791350c6d12b95c100121860469a6ce50b5abe8fa41ffd886337e305b376819b9a1439f0a21794

  • SSDEEP

    1536:AgIMXN4czoLRpCt98SaE4cku5V72O0zR1VuCEWWAERIxpE+4:BBARzSaEkuj72rzR1VuzWWCk

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      79bf643bd019830ddeea79d738f344bf

    • Size

      168KB

    • MD5

      79bf643bd019830ddeea79d738f344bf

    • SHA1

      c6f1b1a2231a90bcac591405ae7fcaedca0a91e6

    • SHA256

      7f7b62f546109ab0c734cbd8397deef2f4f1dfe27714c0c5bbe86ba315b88985

    • SHA512

      97d2670cd819921bde674b6b9965eee8f821cbfde50f7e070e791350c6d12b95c100121860469a6ce50b5abe8fa41ffd886337e305b376819b9a1439f0a21794

    • SSDEEP

      1536:AgIMXN4czoLRpCt98SaE4cku5V72O0zR1VuCEWWAERIxpE+4:BBARzSaEkuj72rzR1VuzWWCk

    Score
    8/10
    evasionpersistence

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks