General

  • Target

    6c86627371d5f719d39125ac7eeaf9e050ddecbd7d8a05cba9b00b0bd7caf629

  • Size

    83KB

  • Sample

    240525-2thjjseb32

  • MD5

    2f0d21d0896b46a71dba6304879e9d09

  • SHA1

    11d771a5b7724e419d01432b191ba9486ecd79dd

  • SHA256

    6c86627371d5f719d39125ac7eeaf9e050ddecbd7d8a05cba9b00b0bd7caf629

  • SHA512

    70228c2a899479295b586f6f8b626da952d85f69a52cc2ec13b9dc1c438288b7cbc75272c59b9c0bcb119b0805b6a2a417525c14ef77ad595f35cf9380395d80

  • SSDEEP

    1536:yr3Z5IfQmv81a7pP1xF3yX2tM/jTEwwwEiiiiR:WJOfQm01q9X3yX2q/jTQ

Score
10/10

Malware Config

Targets

    • Target

      6c86627371d5f719d39125ac7eeaf9e050ddecbd7d8a05cba9b00b0bd7caf629

    Score
    9/10

    • Detects Windows executables referencing non-Windows User-Agents

    • UPX dump on OEP (original entry point)

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks