General

  • Target

    11657096d15816466dd60ea5a1e90aa0N.exe

  • Size

    65KB

  • Sample

    240819-m3pa5azfpf

  • MD5

    11657096d15816466dd60ea5a1e90aa0

  • SHA1

    7bb01d0b4ff866e2b0cab4d96bc86bf760d57586

  • SHA256

    e05e8ba812aa6b58db11b8d036a96e0ff6b580419b833b93543c210c26923b7d

  • SHA512

    4474847f745a439a68bc9bf03e1d07a255191b33aae57cb27e69faf9702f1f9e749f0eaf3546ba88b2ecfb83b9899acef10a73b9cf12196864885e35edc4f917

  • SSDEEP

    768:ZrItKyw5WHXfQIhIiIk9ecAaVPD96KyX6p:Zr3Z5IfQIR81ad5yX6p

Targets

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.
