b33eecbb6d752d04f77e62b44075d3d6bdfa7a128d54809cf2b6ed7a68aac7bf | Triage

Submit
Reports

Overview

overview

8

Static

static

8

b33eecbb6d...bf.exe

windows7-x64

8

b33eecbb6d...bf.exe

windows10-2004-x64

8

Sharing

General

Target

b33eecbb6d752d04f77e62b44075d3d6bdfa7a128d54809cf2b6ed7a68aac7bf
Size

196KB
Sample

221019-1smansabg8
MD5

a0e5f095b0b3c495ef4161376d8719b0
SHA1

a5ddc658ce4bdffebe23322b2312cdf3603d95bf
SHA256

b33eecbb6d752d04f77e62b44075d3d6bdfa7a128d54809cf2b6ed7a68aac7bf
SHA512

a1f90169ea2eb67b1cc18d9f47c63dfcca8bb89f978baf0b47d75ed325b133efe27b03e1dcd50e900f4a58c6338f35ecc73e7024028bdd4c7c67954fccc5c43c
SSDEEP

3072:qXG1zqQh9Yq+tSJwj1mmi/UB8WlTWakPj05l1qgnInxcd:qXK2BsKmmi/ATWlj0z1qtxcd

Score

8^/10

upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b33eecbb6d752d04f77e62b44075d3d6bdfa7a128d54809cf2b6ed7a68aac7bf.exe

Resource

win7-20220812-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

b33eecbb6d752d04f77e62b44075d3d6bdfa7a128d54809cf2b6ed7a68aac7bf.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  b33eecbb6d752d04f77e62b44075d3d6bdfa7a128d54809cf2b6ed7a68aac7bf
- Size
  
  196KB
- MD5
  
  a0e5f095b0b3c495ef4161376d8719b0
- SHA1
  
  a5ddc658ce4bdffebe23322b2312cdf3603d95bf
- SHA256
  
  b33eecbb6d752d04f77e62b44075d3d6bdfa7a128d54809cf2b6ed7a68aac7bf
- SHA512
  
  a1f90169ea2eb67b1cc18d9f47c63dfcca8bb89f978baf0b47d75ed325b133efe27b03e1dcd50e900f4a58c6338f35ecc73e7024028bdd4c7c67954fccc5c43c
- SSDEEP
  
  3072:qXG1zqQh9Yq+tSJwj1mmi/UB8WlTWakPj05l1qgnInxcd:qXK2BsKmmi/ATWlj0z1qtxcd
Score

8^/10

upx
- Blocklisted process makes network request
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy