General

  • Target

    2e0ec984cc9c10731904bfc6046867cfd20bdeff2ec49ead3aea4d6cf8625b56

  • Size

    132KB

  • Sample

    221011-capfbaaafr

  • MD5

    6ed7dce8a8ed8cfeb12ba0339bbdf4fd

  • SHA1

    17c3988652a738e9797894e04f03c20e4a561067

  • SHA256

    2e0ec984cc9c10731904bfc6046867cfd20bdeff2ec49ead3aea4d6cf8625b56

  • SHA512

    283b0e48be049c5d8875048f87d789e22ec3ff3295435b48788040f50c05c47ded817a8fcd4760c5901b7ef97359f2818004053cffa664d3465af528c69c3e1a

  • SSDEEP

    1536:bHFjwOqUuflO+6peVdM/d2yv6n0APB8qFE0OSqHW2PYoPPrCLaC46lxIDCwMZOD7:ryOqxY+6pejzNB8A4xAo784KmMMDLH

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks