Overview

overview

7

Static

static

3

86895f6597...9N.exe

windows7-x64

7

86895f6597...9N.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    86895f6597a617e24914a5a2edc3e0afd00e0c506c768347be7b39d5359948b9N

  • Size

    94KB

  • Sample

    240930-tegdyatdmm

  • MD5

    d798a80b9d8ac0e04577c8dd9a045c90

  • SHA1

    1e53e352966722d74aee45079f4b66aad41ed632

  • SHA256

    86895f6597a617e24914a5a2edc3e0afd00e0c506c768347be7b39d5359948b9

  • SHA512

    571d92a71ca1b8238c0df564337cc01177689de6f0d5e0ffd27967500e8430fe9954cecb70cc489908cc2f6ac198df0ccd9ca9a7934a639523d7b8d331264ab9

  • SSDEEP

    1536:PGYU/W2/HG6QMauSV3ixJHABLrmhH7i9CO+WHg7zRZICrWaGZh7uk:PfU/WF6QMauSuiWNi9CO+WARJrWNZP

Score
7/10
defense_evasiondiscoverypersistence

Malware Config

Targets

    • Target

      86895f6597a617e24914a5a2edc3e0afd00e0c506c768347be7b39d5359948b9N

    • Size

      94KB

    • MD5

      d798a80b9d8ac0e04577c8dd9a045c90

    • SHA1

      1e53e352966722d74aee45079f4b66aad41ed632

    • SHA256

      86895f6597a617e24914a5a2edc3e0afd00e0c506c768347be7b39d5359948b9

    • SHA512

      571d92a71ca1b8238c0df564337cc01177689de6f0d5e0ffd27967500e8430fe9954cecb70cc489908cc2f6ac198df0ccd9ca9a7934a639523d7b8d331264ab9

    • SSDEEP

      1536:PGYU/W2/HG6QMauSV3ixJHABLrmhH7i9CO+WHg7zRZICrWaGZh7uk:PfU/WF6QMauSuiWNi9CO+WARJrWNZP

    Score
    7/10
    defense_evasiondiscoverypersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks