General

  • Target

    bb09de324bb92b3302aa7f5c1328d1d7a54209d2f4980ca0f31b38480f092763N

  • Size

    94KB

  • Sample

    240919-hjm7hawala

  • MD5

    a05e3883f557f5387142d4a6d0a37500

  • SHA1

    8535d09ef996f6afecda4403d4d1099697d4a7e7

  • SHA256

    bb09de324bb92b3302aa7f5c1328d1d7a54209d2f4980ca0f31b38480f092763

  • SHA512

    73303d4ce6f306faad6c6182884635fad6c8d12f8139dd89b064c82a71edb8c3d0183a70b52c0b42b465b89467f966e3ab1552fcd82747612844167a42275cb1

  • SSDEEP

    1536:skPjmPwvx3PtLBzGMlGO+eo+zCj4CFgjASG3KazRZICrWaGZh7LLx1E:skLmuftLBzfIOz4VSGaqJrWNZ1Lx1E

Malware Config

Targets

    • Target

      bb09de324bb92b3302aa7f5c1328d1d7a54209d2f4980ca0f31b38480f092763N

    • Size

      94KB

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15
