b6c5b0664ded18971cc6fd6dd47f166cfb33f80bee2f4012a3ee8773077e7f7a | Triage

Sharing

General

Target

b6c5b0664ded18971cc6fd6dd47f166cfb33f80bee2f4012a3ee8773077e7f7a.exe
Size

58KB
Sample

241130-fv871aymej
MD5

7ecd85b616ebf5dcc18ada1d6a544fcf
SHA1

141100ef65e4b76858d4855a588fb11159a53e84
SHA256

b6c5b0664ded18971cc6fd6dd47f166cfb33f80bee2f4012a3ee8773077e7f7a
SHA512

4e4492c694b092efb08ec381c70d394e3e1fd080b81bb5dfdd9ae50cdd742d69d125bf05e61060e9560dc9aa1a2eb3834326294fa6fea1739e0cc7e6d118b4e2
SSDEEP

1536:hvQoLHjw2iWPKMvw71/RLyXwvvvZeee5LttttU:hv5Ls27BIJ/RLyXweeeRttttU

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  b6c5b0664ded18971cc6fd6dd47f166cfb33f80bee2f4012a3ee8773077e7f7a.exe
- Size
  
  58KB
- MD5
  
  7ecd85b616ebf5dcc18ada1d6a544fcf
- SHA1
  
  141100ef65e4b76858d4855a588fb11159a53e84
- SHA256
  
  b6c5b0664ded18971cc6fd6dd47f166cfb33f80bee2f4012a3ee8773077e7f7a
- SHA512
  
  4e4492c694b092efb08ec381c70d394e3e1fd080b81bb5dfdd9ae50cdd742d69d125bf05e61060e9560dc9aa1a2eb3834326294fa6fea1739e0cc7e6d118b4e2
- SSDEEP
  
  1536:hvQoLHjw2iWPKMvw71/RLyXwvvvZeee5LttttU:hv5Ls27BIJ/RLyXweeeRttttU
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasiondiscovery