Overview

overview

8

Static

static

3

1bf929598b...84.exe

windows7-x64

8

1bf929598b...84.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1bf929598b76ec45c5f5077608bd3684

  • Size

    79KB

  • Sample

    240409-1hah5ace47

  • MD5

    1bf929598b76ec45c5f5077608bd3684

  • SHA1

    e14cee018dcce13950258f833958fed9365364cb

  • SHA256

    ee622ca7ff51ed3372ac641e71ef48c040d6fac84e41913a57230a050a70b082

  • SHA512

    88abed6f672149394cb124c444226fcebd43470c0b8a408daa1fd1cdca7af35fa36d24eb44877679ab8ade3aae52a021017b73dce62b2e998bc2a811e96e3cfa

  • SSDEEP

    1536:bDcWLfIbgEp10gyX/dtnTHNWnnn622222O:bDXL0n0gyX/d1re2222O

Score
8/10
evasion

Malware Config

Targets

    • Target

      1bf929598b76ec45c5f5077608bd3684

    • Size

      79KB

    • MD5

      1bf929598b76ec45c5f5077608bd3684

    • SHA1

      e14cee018dcce13950258f833958fed9365364cb

    • SHA256

      ee622ca7ff51ed3372ac641e71ef48c040d6fac84e41913a57230a050a70b082

    • SHA512

      88abed6f672149394cb124c444226fcebd43470c0b8a408daa1fd1cdca7af35fa36d24eb44877679ab8ade3aae52a021017b73dce62b2e998bc2a811e96e3cfa

    • SSDEEP

      1536:bDcWLfIbgEp10gyX/dtnTHNWnnn622222O:bDXL0n0gyX/d1re2222O

    Score
    8/10
    evasion

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks