General

  • Target

    dee2a883e9c3da8479f74ab09900c835ccfd1ec495ce57d200857dbb72ac569c

  • Size

    5.5MB

  • Sample

    220706-dge1wsgaek

  • MD5

    de9ecdd7e1aed7256d761e4a399f2aff

  • SHA1

    e545ba543b8ac0d09457878c24592d941c58df17

  • SHA256

    dee2a883e9c3da8479f74ab09900c835ccfd1ec495ce57d200857dbb72ac569c

  • SHA512

    de67783e43521f909359054c9f6e69fc56f7b0b7268f0e7f92dc1f665abffae26073943a631447b979b5c2ffc4df0da9500148efa823e21c11b8aa91b27bfe4a

Score
9/10
upx

Malware Config

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v6)

Persistence

  • T1158 Hidden Files and Directories (1)

Defense Evasion

  • T1158 Hidden Files and Directories (1)

Discovery

  • T1012 Query Registry (1)

  • T1082 System Information Discovery (2)

Tasks