Overview

overview

8

Static

static

3

6005a146de...0N.exe

windows7-x64

8

6005a146de...0N.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6005a146de106a3bd5cce4a1980e5650N.exe

  • Size

    63KB

  • Sample

    240726-dh59gasekm

  • MD5

    6005a146de106a3bd5cce4a1980e5650

  • SHA1

    49ca8661752c9b40ae3099d6f51fcf96e6fc162b

  • SHA256

    46bf873406ef28e96eab03e783ff68b1a45c0e512c200706eb27a338d4f1458f

  • SHA512

    f516ec5eba9c0c1eb7a2aa045decaf83178f8630f568d1395ed730d1526e7c332b0fd0081b1f3f90167b12dea32794fee5ac8273562f6e49a4e1bd2aa5f55190

  • SSDEEP

    768:OrItKyw5WHXfQmjIiIk9ecAa6cMb964yXhDLdr:Or3Z5IfQmv81awvyX5Zr

Score
8/10
defense_evasiondiscoveryevasion

Malware Config

Targets

    • Target

      6005a146de106a3bd5cce4a1980e5650N.exe

    • Size

      63KB

    • MD5

      6005a146de106a3bd5cce4a1980e5650

    • SHA1

      49ca8661752c9b40ae3099d6f51fcf96e6fc162b

    • SHA256

      46bf873406ef28e96eab03e783ff68b1a45c0e512c200706eb27a338d4f1458f

    • SHA512

      f516ec5eba9c0c1eb7a2aa045decaf83178f8630f568d1395ed730d1526e7c332b0fd0081b1f3f90167b12dea32794fee5ac8273562f6e49a4e1bd2aa5f55190

    • SSDEEP

      768:OrItKyw5WHXfQmjIiIk9ecAa6cMb964yXhDLdr:Or3Z5IfQmv81awvyX5Zr

    Score
    8/10
    defense_evasiondiscoveryevasion

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks