General

  • Target

    5a7c7d3562454650cc891a91d8d5f6b183b4b33e4ef5132a2a62a2bd91bd9e59

  • Size

    67KB

  • Sample

    240824-2xmbxavaka

  • MD5

    8905f38e4785414451a173d6c5e69365

  • SHA1

    de4bb6bb30fda4b1077134462c1c144a794535c8

  • SHA256

    5a7c7d3562454650cc891a91d8d5f6b183b4b33e4ef5132a2a62a2bd91bd9e59

  • SHA512

    4f698708a78017d5827c367ac59290b60a9c118c53540b1cde5c248419d0709ca06c385b3a0f7bf0edd3335b64837527479318ce5ffbad1c412c8c6b3e2ea32e

  • SSDEEP

    768:ZrItKyw5WHXfQIhIiIk9ecAaVPD96KyX6+LLL8cccpPPPPTX:Zr3Z5IfQIR81ad5yX6FcccpPPPPb

Targets

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.
