General

  • Target

    379f926aad7ae001f3c1246a04657038760e47fd538cf4b4250051f86a5ac788N

  • Size

    32KB

  • Sample

    240920-2qch5asdpa

  • MD5

    46f9a5e7abce46e92143757bdddc5b20

  • SHA1

    0007d91f188d75a25e0eb0e83df20bd0c925ec74

  • SHA256

    379f926aad7ae001f3c1246a04657038760e47fd538cf4b4250051f86a5ac788

  • SHA512

    d1b728e073d504c0a40704ff27f7b292d47601f4d4213fc4e8cf8123bb5b91170313751a9531bb699c3c5b103dbbd93edd679d51eda494f14f33b89fd3eedb2b

  • SSDEEP

    192:GAGqjRFGKMh9ED/IDExeorm9+Dfp0GjW5sH2t3AIa6abHa5tGbFOvhO:PVR8iQLoFx1jW5sIZR5tGwvE

Targets

    • Target

      379f926aad7ae001f3c1246a04657038760e47fd538cf4b4250051f86a5ac788N

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15
