General

  • Target

    5b73c28e57c07f47f8be6f98350f7900N.exe

  • Size

    63KB

  • Sample

    240915-kav7vsvcnk

  • MD5

    5b73c28e57c07f47f8be6f98350f7900

  • SHA1

    181dc9ef17db73ca1827b49a757e606ebb0930a5

  • SHA256

    1b7f168df6fa76650fb1964088d07c50939c7811f3b523fcb67a832bb7492c4d

  • SHA512

    e7d4d81abf448e8eca429b3e3922769aa448f26f950e7c81131033d0d719833773a053c93fdb9bf4121a9bd60128c556590412af36f15642b664a0c7feee4c37

  • SSDEEP

    768:MDcpEBMLfQcubV5wGE96YyXDTLdEBBBBL6666s:MDcfLfIbtEbyXfZt

Targets

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.
