General

  • Target

    9f344f37fbc79bd7bc0e3917dfc1710658437f001ccc8bd70e7ef3e9c9d0c75d

  • Size

    334KB

  • Sample

    221020-kadmtadcdq

  • MD5

    761a36a30def36faa93ae727d8e695c0

  • SHA1

    bd72bb37d1e5c3284fd0e3c2e6c7e7b2cb98e499

  • SHA256

    9f344f37fbc79bd7bc0e3917dfc1710658437f001ccc8bd70e7ef3e9c9d0c75d

  • SHA512

    16fa780e28eac40d4ec204b45823a0f9167e0ea09cf72694f6f49dd1d2e2cfc6d798e2a027b54c6bf468dfdcb3b13a8b5ecddcc947055b13f37816acc6bb5158

  • SSDEEP

    6144:+mR3kSaZpKHsGfBUx9Yge810FdPCxXTTOjwziPeZjy1i1zMQP+4tTqC461:+I3zaKHsGfQOge81mYNTOjRPeZEGtTqq

Score
8/10

Malware Config

Targets

    • Drops file in Drivers directory

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6
