General

  • Target

    b9854b708882ef37ef1e27f65b174060

  • Size

    34KB

  • Sample

    240307-yn49ksdc5w

  • MD5

    b9854b708882ef37ef1e27f65b174060

  • SHA1

    fd6774ed0e671cbe765619fe041ab93294746d07

  • SHA256

    85cb91f66f432c42a71c741f807288ab2888f5601b7311b5c48bf473461a0f2a

  • SHA512

    a9da65545770336a89dbb8d76c6e63abe27b71cb94eb380a8c79b541468fbe590597686d8244e52e549ac8f214370aa55214bb3a17a63a19a3edd90b728e7074

  • SSDEEP

    768:MyFm2Gn9m9VTXiqzvb7QfNbPtmil8IeZhsjr8E2la2ZjH78K6:My82WmrTXNb4dFm08IeZhsP2TBH7/6

Score
10/10

Targets

    • Target

      b9854b708882ef37ef1e27f65b174060

    • Modifies WinLogon for persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
