b96458cb0aeb88877d2c55045ab8efbc6a8fc7349a3836ac02ffaa156b1be499 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

b96458cb0a...99.exe

windows7-x64

8

b96458cb0a...99.exe

windows10-2004-x64

8

Sharing

General

Target

b96458cb0aeb88877d2c55045ab8efbc6a8fc7349a3836ac02ffaa156b1be499
Size

260KB
Sample

220919-s9s6jsfea7
MD5

dd0763d813e0d7b26f166a98e0322b70
SHA1

df105364f091d350485a0702818da7d81afc84a8
SHA256

b96458cb0aeb88877d2c55045ab8efbc6a8fc7349a3836ac02ffaa156b1be499
SHA512

ee5a61c72f68e2cea7f924daa76e9f257c7fb95ed71c6da3c4c6172f54d88347f99d2134307b8d8175c10148c56b778d1b247cc3ddee333198f83fe4dc8fb936
SSDEEP

6144:D7JyLfvkJAuZ9xqtc6sgjpCr1qT612UEqYcj9ZsaBSE5:D7wfvcAu5qJKETqnY+bs475

Score

8^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b96458cb0aeb88877d2c55045ab8efbc6a8fc7349a3836ac02ffaa156b1be499.exe

Resource

win7-20220812-en

persistence upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

b96458cb0aeb88877d2c55045ab8efbc6a8fc7349a3836ac02ffaa156b1be499.exe

Resource

win10v2004-20220812-en

persistence upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  b96458cb0aeb88877d2c55045ab8efbc6a8fc7349a3836ac02ffaa156b1be499
- Size
  
  260KB
- MD5
  
  dd0763d813e0d7b26f166a98e0322b70
- SHA1
  
  df105364f091d350485a0702818da7d81afc84a8
- SHA256
  
  b96458cb0aeb88877d2c55045ab8efbc6a8fc7349a3836ac02ffaa156b1be499
- SHA512
  
  ee5a61c72f68e2cea7f924daa76e9f257c7fb95ed71c6da3c4c6172f54d88347f99d2134307b8d8175c10148c56b778d1b247cc3ddee333198f83fe4dc8fb936
- SSDEEP
  
  6144:D7JyLfvkJAuZ9xqtc6sgjpCr1qT612UEqYcj9ZsaBSE5:D7wfvcAu5qJKETqnY+bs475
Score

8^/10

persistence upx
- Sets DLL path for service in the registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy