General

  • Target

    efb0789942d292442e78d31d88b2d58c1092b4342128ca3af4057797aaa673b6

  • Size

    22KB

  • Sample

    240724-e96vraycqq

  • MD5

    c709fe1d62973e686760c3635911318d

  • SHA1

    f063cde17446e138286b6c37dce09dc03dbd929e

  • SHA256

    efb0789942d292442e78d31d88b2d58c1092b4342128ca3af4057797aaa673b6

  • SHA512

    f124255d10ffad6aa8fc70559bac301fb12748f78d126710e3e4a3027d74a9e8b9992961e907dcb118f93d5f71215f6e5732c3d493a0c301188bd5f5aa24b3dd

  • SSDEEP

    384:vdR8iQLoFx1jW5sIiR5tGD4ZQYKL7Mv8Dl+1NQxFrkWIb:vr8X+GsHRGYS+1NSFrY

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15