eb0ea6cf24784199aa5a8c19826750bea287dcf7ee0ea62db8915846a97d1330 | Triage

Sharing

General

Target

eb0ea6cf24784199aa5a8c19826750bea287dcf7ee0ea62db8915846a97d1330N
Size

84KB
Sample

240919-gs2wksvbjp
MD5

2d899134bdcf567b252077e9d9bd8800
SHA1

03901902fc4b96173fd27687c29d241ca1cd5db4
SHA256

eb0ea6cf24784199aa5a8c19826750bea287dcf7ee0ea62db8915846a97d1330
SHA512

473aee6f8f2999d889abd962085ee7388309831089eb7d843ecb5dc274c2b7e874ab2bbadf8510111df7941f415ac90af18a3027ab77e42323a4f14d01d94590
SSDEEP

1536:bDcWLfIbgEp10gyXVdtnTHNWnnn622222e:bDXL0n0gyXVd1re2222e

Score

8^/10

defense_evasion discovery evasion

Malware Config

Targets

- Target
  
  eb0ea6cf24784199aa5a8c19826750bea287dcf7ee0ea62db8915846a97d1330N
- Size
  
  84KB
- MD5
  
  2d899134bdcf567b252077e9d9bd8800
- SHA1
  
  03901902fc4b96173fd27687c29d241ca1cd5db4
- SHA256
  
  eb0ea6cf24784199aa5a8c19826750bea287dcf7ee0ea62db8915846a97d1330
- SHA512
  
  473aee6f8f2999d889abd962085ee7388309831089eb7d843ecb5dc274c2b7e874ab2bbadf8510111df7941f415ac90af18a3027ab77e42323a4f14d01d94590
- SSDEEP
  
  1536:bDcWLfIbgEp10gyXVdtnTHNWnnn622222e:bDXL0n0gyXVd1re2222e
Score

8^/10

defense_evasion discovery evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryevasion

behavioral2

defense_evasiondiscoveryevasion