General

  • Target

    96ffc7e5ad4a6e74cf2260886d245408c6ef8cf02326956d7e1b8b5f22152053

  • Size

    32KB

  • Sample

    241126-bpa1sstjdk

  • MD5

    2b85b8e448ef24369d4421f0d0137304

  • SHA1

    546c867ad67238625dde5f3e8d22dd344e5615c0

  • SHA256

    96ffc7e5ad4a6e74cf2260886d245408c6ef8cf02326956d7e1b8b5f22152053

  • SHA512

    f8ea691411ed61c089d0846ab7e40ef03f86339067cf5dec03627165ec119e53152b1371d13dff2d3a0d540a73a8169bf5be951084365b9ba75bcf84300299f8

  • SSDEEP

    192:GAGqjRFGKMh9ED/IDExeorm9+Dfp0GjW5sH2t3AIUDFtabHa5tGD4ZQtuKE:PVR8iQLoFx1jW5sIMtR5tGD4ZQVE

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks