ed11d318d94e524bca282505a63b76c3bb70d698e5d76de6ced2fca4b864056f | Triage

Submit
Reports

Overview

overview

9

Static

static

chat_65454...om.exe

windows7_x64

9

chat_65454...om.exe

windows10_x64

9

Sharing

General

Target

chat_6545481_201123.rar
Size

2.7MB
Sample

201125-6l4e8nmzr2
MD5

bc33080d570671a13fdea28648747af6
SHA1

b5ca30cc0e200671b00c0249f40880ea0edcfdd3
SHA256

ed11d318d94e524bca282505a63b76c3bb70d698e5d76de6ced2fca4b864056f
SHA512

3d68e17f9f6813ac8e45221a14d0d205ac211e4191e3ab22c1700328042184a390e5a0f457814a31268b470cb130da673977d8d9e61980d8bce7e523ffe8fe6e

Score

9^/10

evasion upx

Static task

static1

Behavioral task

behavioral1

Sample

chat_6545481_201123@V.com.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

chat_6545481_201123@V.com.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  chat_6545481_201123@V.com
- Size
  
  4.6MB
- MD5
  
  99186afb28d61f17962f7bacb915d86e
- SHA1
  
  290012a72cc40208f4158a953a69ef615a90fad4
- SHA256
  
  86c5536119bac3ce1fdcb3c5661b44398b3cab23925ea5e456b16801abc75108
- SHA512
  
  5d37f1ba74aaf90457ce59bbdbbd883ef7e48fbe02d7c0165a556ee87b992ff59cf5be760556009fcae70fd2f47bac6ade5ae60bd25b7f6be788b54ee81aff02
Score

9^/10

evasion upx
- Enumerates VirtualBox registry keys
  evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

System Information Discovery

Process Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy