80bf063a49dafa225297a4f175f228a931beb46572f5aab7e8b9a969ab8e565f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4527c99715b1a731b6419abbc14ac430N.exe
Size

90KB
Sample

240824-1tra1stejr
MD5

4527c99715b1a731b6419abbc14ac430
SHA1

23d22d13024c2dd5fe62d6c638bc3fb0398d60fc
SHA256

80bf063a49dafa225297a4f175f228a931beb46572f5aab7e8b9a969ab8e565f
SHA512

090b48e919aa2f0edfdfcc72a1bb88dc8b4cc185f84b506cf253e7b3e018ef1b2fa7a94cfa1eb32eef48cb226d36d7f3d4711ab3caadb7f7f4551f9a38023797
SSDEEP

1536:jvQoLHjw2iWPKMvw71AEMnyXBM/XXXdwVRbvXXXh+Nf17RCXXXDrXXXDKXXXmlG6:jv5Ls27BIJAEMnyXBM/XXXdwVBXXXhY0

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  4527c99715b1a731b6419abbc14ac430N.exe
- Size
  
  90KB
- MD5
  
  4527c99715b1a731b6419abbc14ac430
- SHA1
  
  23d22d13024c2dd5fe62d6c638bc3fb0398d60fc
- SHA256
  
  80bf063a49dafa225297a4f175f228a931beb46572f5aab7e8b9a969ab8e565f
- SHA512
  
  090b48e919aa2f0edfdfcc72a1bb88dc8b4cc185f84b506cf253e7b3e018ef1b2fa7a94cfa1eb32eef48cb226d36d7f3d4711ab3caadb7f7f4551f9a38023797
- SSDEEP
  
  1536:jvQoLHjw2iWPKMvw71AEMnyXBM/XXXdwVRbvXXXh+Nf17RCXXXDrXXXDKXXXmlG6:jv5Ls27BIJAEMnyXBM/XXXdwVBXXXhY0
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery