Overview

overview

8

Static

static

3

ba0e450761...9b.exe

windows7-x64

8

ba0e450761...9b.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ba0e450761dbcf66a421ba61b2347949bc2574c37616813f0882fb4dfabe9e9b

  • Size

    4.7MB

  • Sample

    240726-1zhk3a1ckh

  • MD5

    dda719a2233e62409fb03ae1b5ee1a84

  • SHA1

    f532eb8e69ff8651cdb417ef815aba745f0bc44c

  • SHA256

    ba0e450761dbcf66a421ba61b2347949bc2574c37616813f0882fb4dfabe9e9b

  • SHA512

    20c48b0ef4ae98e68ec13042140371ded43d7013e62f734925821d486dc5f729c88477864f012441f2e282ecd81762825f6459c187deaf15e2e9f84dc6314a85

  • SSDEEP

    98304:K7QHSstBsVkVUwXPm8jQnUO8oGkqvJ1ue3OIHnPV7sa5owm1:kQVyC+4OUO7qPfO0PV7sWowm

Score
8/10
discoveryevasionexecutionpersistence

Malware Config

Targets

    • Target

      ba0e450761dbcf66a421ba61b2347949bc2574c37616813f0882fb4dfabe9e9b

    • Size

      4.7MB

    • MD5

      dda719a2233e62409fb03ae1b5ee1a84

    • SHA1

      f532eb8e69ff8651cdb417ef815aba745f0bc44c

    • SHA256

      ba0e450761dbcf66a421ba61b2347949bc2574c37616813f0882fb4dfabe9e9b

    • SHA512

      20c48b0ef4ae98e68ec13042140371ded43d7013e62f734925821d486dc5f729c88477864f012441f2e282ecd81762825f6459c187deaf15e2e9f84dc6314a85

    • SSDEEP

      98304:K7QHSstBsVkVUwXPm8jQnUO8oGkqvJ1ue3OIHnPV7sa5owm1:kQVyC+4OUO7qPfO0PV7sWowm

    Score
    8/10
    discoveryevasionexecutionpersistence

    • Creates new service(s)

      persistenceexecution

    • Stops running service(s)

      evasionexecution

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks