General

  • Target

    6fbf905667e5166c2080cf299014612c39d8b4406bd27cdc17f697dbfbe724d7

  • Size

    86KB

  • Sample

    240610-29lk5svfkr

  • MD5

    ba43943544b7864a8291a78e130e6192

  • SHA1

    39b5cd295d0650ba6be98ef99ee020496fe29050

  • SHA256

    6fbf905667e5166c2080cf299014612c39d8b4406bd27cdc17f697dbfbe724d7

  • SHA512

    5b4ca4127b7eb68e44a8684de8fb49274366a1c5c9a92448bf7853e4b67f5f4a78a5b324f35657eeffd1c1566924dbe961bce24e0aa5d8a39f9de02fce101101

  • SSDEEP

    1536:Ha3+ddygX7y9v7Z+NoykJHBOAFRfBjG3EdoIT:68dfX7y9DZ+N7eB+hIT

Score
10/10

Malware Config

Targets

    Score
    10/10
    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks