General

  • Target

    e71f6d423adc2111d478b1d03d965c40N.exe

  • Size

    56KB

  • Sample

    240817-thq3jsthjh

  • MD5

    e71f6d423adc2111d478b1d03d965c40

  • SHA1

    b6bc6262d42d2e18a26bd40fe0756e307ec30c4f

  • SHA256

    94691f0dc50f93a529ade340ee96c193603606936d037a798659bc70da5a5055

  • SHA512

    05cc7b30079bdafde1a9c6d9a4103567c7f84caaf37906e2454ff83ced9041046967922ab1faa11582c5479cd9324c0502d8e05debd478e617ea6bbed59ae8cf

  • SSDEEP

    1536:hvQoLHjw2iWPKMvw71/RLyX3Gvooodwwwt111lh:hv5Ls27BIJ/RLyX3qooodwwwt111b

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15
