General

  • Target

    46cdcec099a3a6239f4a33dffc243ce0N.exe

  • Size

    304KB

  • Sample

    240901-s4y5lsvdqk

  • MD5

    46cdcec099a3a6239f4a33dffc243ce0

  • SHA1

    16971661c55b4f5f036b4a290bade284fa4c0a91

  • SHA256

    adefa7859c8807d553fdcd6bc7ebe74674bb0c36d1626250176ed1d05806f8c1

  • SHA512

    80c00873dca22c5b599da15fef1a564759b41d070dffcfed2c4feaff09a627224aeecb815f4793fae1e0b36a0063556e8556168de2aa56dca8e8b9f0e05d6094

  • SSDEEP

    3072:rPGOaEaAaTG0kZSmA23oxqc+GnMop2aEaLFra+7pvPSvzDo:E4AoQtnylaRSg

Malware Config

Targets

    • Target

      46cdcec099a3a6239f4a33dffc243ce0N.exe

    • Size

      304KB

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks