Overview

overview

8

Static

static

3

7c7c470ee7...f0.exe

windows7-x64

8

7c7c470ee7...f0.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    7c7c470ee751fdd216ac76a17e1db5f0

  • Size

    57KB

  • Sample

    240128-h4kxwadgg6

  • MD5

    7c7c470ee751fdd216ac76a17e1db5f0

  • SHA1

    ae3e8bfba4328fb134586f61567dd938141dda9f

  • SHA256

    24d1001f1bb45a49449dd2b15bdea7e7b930c09a755c9799ba9d833d9b8968d8

  • SHA512

    ce428f114dc7a96aa04d081ec59f37809624901f1da4c0df240f4cfa1f85648f2740bb0fd519c8b6f632e521f325e26a67f8efb13c9f148fa9bc55f2fe5bd3b3

  • SSDEEP

    1536:+TbbFsJXt+zYI6evWmB05G4MkX9hqHvlLkrF:+ZMXE81b9Okb09GF

Score
8/10
evasionpersistence

Malware Config

Targets

    • Target

      7c7c470ee751fdd216ac76a17e1db5f0

    • Size

      57KB

    • MD5

      7c7c470ee751fdd216ac76a17e1db5f0

    • SHA1

      ae3e8bfba4328fb134586f61567dd938141dda9f

    • SHA256

      24d1001f1bb45a49449dd2b15bdea7e7b930c09a755c9799ba9d833d9b8968d8

    • SHA512

      ce428f114dc7a96aa04d081ec59f37809624901f1da4c0df240f4cfa1f85648f2740bb0fd519c8b6f632e521f325e26a67f8efb13c9f148fa9bc55f2fe5bd3b3

    • SSDEEP

      1536:+TbbFsJXt+zYI6evWmB05G4MkX9hqHvlLkrF:+ZMXE81b9Okb09GF

    Score
    8/10
    evasionpersistence

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks