General

  • Target

    bef9586df1171c8c37965646dedbbca4fa2fbf36da9385a506e1fa544f347a96

  • Size

    3.7MB

  • Sample

    240904-djkzxstgmj

  • MD5

    79c55e803a5c9f442c0eed0642be3dd7

  • SHA1

    a45fc0e5183cf85cc7169a5fe7885440a150b15b

  • SHA256

    bef9586df1171c8c37965646dedbbca4fa2fbf36da9385a506e1fa544f347a96

  • SHA512

    02c82ad7113043d18a95e30a988e14daea13a68c8b8e5e7216aea4129a388c2f6e8a068d42d0deaacbb254ecb9a54e22560888f2e9b13c0ddfaaa7d1038b244d

  • SSDEEP

    98304:k4wc3evzvh7phFW/Qwk8khbNqk9mgHdk6K1bD/:PwcipFW/Qw7ob0gH6F//

Malware Config

Targets

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks