General

  • Target

    76bfb4f2ac7431fbab7c1fc96a00cc90N

  • Size

    23KB

  • Sample

    240913-wtj5gs1frh

  • MD5

    76bfb4f2ac7431fbab7c1fc96a00cc90

  • SHA1

    39ce04d2800a8233e467b349dee09c9d88e6dba0

  • SHA256

    616e3aafa3c2521aaf2ac14cbbd9fc600a176e71d64b8ced6fe09b82730654c8

  • SHA512

    bf6bdc5644bcd5bc12b03f902d54a51f8ffa8ec3752c8a15ec7f7ffa4292a231762f72549cfcb06184e59bbca394e7415795fec9821cc230ba1e1cd7cdd6c9ae

  • SSDEEP

    384:+J5+c5mibCpKAjndr3Vo4G/usaNJawcudoD7UXlOIJquYz:uAcYimoqdm9gnbcuyD7U19K

Targets

    • Target

      76bfb4f2ac7431fbab7c1fc96a00cc90N

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15
