Overview

overview

8

Static

static

8

6538bc84f6...61.exe

windows7-x64

8

6538bc84f6...61.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6538bc84f6831ce66b0d0b39c80f73bd5155b487274e2dbf19958d8d76945d61

  • Size

    69KB

  • Sample

    221011-fhr3ysfbf2

  • MD5

    6e0621eb5136a4f7648bfa86496f73d0

  • SHA1

    784377ae95ebbbb245145b3533e05858c1b9fe8d

  • SHA256

    6538bc84f6831ce66b0d0b39c80f73bd5155b487274e2dbf19958d8d76945d61

  • SHA512

    8a6ab4eae33eb67459365dde9f8f4cf36109c6dd60a225e11f0b0f063636bf2b6ad3f333702ed5fafbc84e269685b11b14e3a19fc07a6e47231337d343898a69

  • SSDEEP

    1536:HOZqGZNz7/gNl5DFKDacNpXqjXCJPTKjJ8m:HObZNzTgfN5CVSJ8

Score
8/10
discoveryexploitupx

Malware Config

Targets

    • Target

      6538bc84f6831ce66b0d0b39c80f73bd5155b487274e2dbf19958d8d76945d61

    • Size

      69KB

    • MD5

      6e0621eb5136a4f7648bfa86496f73d0

    • SHA1

      784377ae95ebbbb245145b3533e05858c1b9fe8d

    • SHA256

      6538bc84f6831ce66b0d0b39c80f73bd5155b487274e2dbf19958d8d76945d61

    • SHA512

      8a6ab4eae33eb67459365dde9f8f4cf36109c6dd60a225e11f0b0f063636bf2b6ad3f333702ed5fafbc84e269685b11b14e3a19fc07a6e47231337d343898a69

    • SSDEEP

      1536:HOZqGZNz7/gNl5DFKDacNpXqjXCJPTKjJ8m:HObZNzTgfN5CVSJ8

    Score
    8/10
    discoveryexploitupx

    • Possible privilege escalation attempt

      exploit

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks