General

  • Target

    d87c584792750d405ab939ad4db56a70N.exe

  • Size

    75KB

  • Sample

    240824-wbl65atdnj

  • MD5

    d87c584792750d405ab939ad4db56a70

  • SHA1

    f13a815a158af471d95cefacc77321dced50ab15

  • SHA256

    3172909c1e78a285676e68202502bff165b33af0bc56daa3a056ebea784f7a95

  • SHA512

    01d9443e3643ccac42ddd6794dde9982406a4dee47d1830b125cbcec1c5fa770b2930b38231a1e8c022d413fab6face034f50e565ea819a0fbc440446f35920e

  • SSDEEP

    768:ZrItKyw5WHXfQmjIiIk9ecAx7pP1EPU96MyXPdtldE9bIIIwjkg:Zr3Z5IfQmv81x7pP1r3yXPdtnyjp

Targets

    • Target

      d87c584792750d405ab939ad4db56a70N.exe

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15
