General

  • Target

    41824b1e1465f45f5eb2c16a6760f150N.exe

  • Size

    78KB

  • Sample

    240724-dvcspaydlc

  • MD5

    41824b1e1465f45f5eb2c16a6760f150

  • SHA1

    82e48c5c8d2bae0a598881f162bdb2125ea31bf0

  • SHA256

    9b3adb5c044016825d5bfcb1c4a135faf7605e6af5bbead555634950b5cd03b6

  • SHA512

    e80394a4b84872edde5c0696cb47c3b7e2e5e8a13ecd43d69561da0b33f3167b584230c8c7b52a94d17548443ff502e7dc1062e89cda11238df193bc8bf7a6f4

  • SSDEEP

    1536:nLNIW39SaZTbFARlq7jC1OZstZu0TS3gEdUJCkb0FGR:nLlbZTZX3BAtTS3gEdUJCkb0FGR

Malware Config

Targets

    • Target

      41824b1e1465f45f5eb2c16a6760f150N.exe

    • Size

      78KB

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks