General

  • Target

    4bf911ccbb12220cec6f7b319859e7b0N.exe

  • Size

    152KB

  • Sample

    240911-w3mxqswdpc

  • MD5

    4bf911ccbb12220cec6f7b319859e7b0

  • SHA1

    fd6b6f2808e202e89770c5d16add67cd30193178

  • SHA256

    1836cb1bff34cd64535e9d2cba8fc6ca66e29c5cc979be35955ff1ae62686418

  • SHA512

    f4f53ac891452521a6da206c8c89e9505f3fe3a39449925b2d6a77957e154e915990d07e3535a41378d0cd01a2bad8239432a3910a42629eee19bf4ccca3c4f6

  • SSDEEP

    3072:7Mly5apYFWWYUczAveWBBDJDuviDO2l0G4oQZiEcrrj:0CapYFDYe2gpxuvia2ltW0/

Targets

    • Target

      4bf911ccbb12220cec6f7b319859e7b0N.exe

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
