General

  • Target

    ec5ff7d57c8f97fe32b6d0e7eb027af061c3c20aef8a64da70f179125fb90c2cN.exe

  • Size

    68KB

  • Sample

    241120-f9hctssgnl

  • MD5

    4d3824ba7d346e5f348c580ebce737f0

  • SHA1

    9d7059f02c605d529ed5b4f48341843ded68e258

  • SHA256

    ec5ff7d57c8f97fe32b6d0e7eb027af061c3c20aef8a64da70f179125fb90c2c

  • SHA512

    0390479e82fc6c8d4e4f23a56b41d68df28cbcde2f79a60bfc27c9d811e6cd90e30f8ce67da03ff88329396088c9795e0d581c1f646ffa626543cf68c5f654c8

  • SSDEEP

    768:8m2HWaXqAJplmRPEW1PiGz96XyX9TdtldE9xKd9:8m0wANm5EW17zgyXVdtnPd9

Malware Config

Targets

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks