General

  • Target

    43ca209b04b36fd483610ad9ee126900N.exe

  • Size

    396KB

  • Sample

    240713-em1efsxdnh

  • MD5

    43ca209b04b36fd483610ad9ee126900

  • SHA1

    f0ef76230ab24b1d31af129546e45b002726fa99

  • SHA256

    65f98c51d4b3e5020a41531899b0bf48ae4d986335cb46918ea059bc022e78fb

  • SHA512

    7ed5f12c81c6d50a0ec877ec98978e17b945804d1616f91de10db6442814f98d118f9e085c924ef8bbd96335248a1d9215377aaaca1e2731aa75b1291e2f491a

  • SSDEEP

    6144:yXIp3oRtj6qz7yRSFKYyNU9t0JT8vKArIydVuw3GX1pv7DaPe+1qOWGMcQ1fXRHD:y4Stj6Y7WYKYyNUmAv7b4aPb4OWHcQ2

Score
10/10

Malware Config

Targets

    • Target

      43ca209b04b36fd483610ad9ee126900N.exe

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
