a184852a604e7624cdc7b3fc93492ea5821af10d3d7dd84dc2c7fb06e1ea2272 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

a184852a60...72.exe

windows7-x64

8

a184852a60...72.exe

windows10-2004-x64

8

Sharing

General

Target

a184852a604e7624cdc7b3fc93492ea5821af10d3d7dd84dc2c7fb06e1ea2272
Size

279KB
Sample

221029-zmxnsaeef8
MD5

558b54b1f48afb0b8fccf5522ba308f0
SHA1

3eed4cc8dbb1d708ff60959caf066395043f7535
SHA256

a184852a604e7624cdc7b3fc93492ea5821af10d3d7dd84dc2c7fb06e1ea2272
SHA512

0397c430f13a6cbb952a82716f67b51ff88c1f04c30bd8c93e788ac61c052b4adb95f96c2973ba4d2978ac6fd0b38e30447e5ff6c9473a6d1692595065510ad7
SSDEEP

6144:3QGM8K+fBB4sGUEqPyh+9qP8kpYH6otS97HOqpKmjJUWRA:3HM8RZsUEu4OqLapSVjpXJUj

Score

8^/10

upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a184852a604e7624cdc7b3fc93492ea5821af10d3d7dd84dc2c7fb06e1ea2272.exe

Resource

win7-20220901-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

a184852a604e7624cdc7b3fc93492ea5821af10d3d7dd84dc2c7fb06e1ea2272.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  a184852a604e7624cdc7b3fc93492ea5821af10d3d7dd84dc2c7fb06e1ea2272
- Size
  
  279KB
- MD5
  
  558b54b1f48afb0b8fccf5522ba308f0
- SHA1
  
  3eed4cc8dbb1d708ff60959caf066395043f7535
- SHA256
  
  a184852a604e7624cdc7b3fc93492ea5821af10d3d7dd84dc2c7fb06e1ea2272
- SHA512
  
  0397c430f13a6cbb952a82716f67b51ff88c1f04c30bd8c93e788ac61c052b4adb95f96c2973ba4d2978ac6fd0b38e30447e5ff6c9473a6d1692595065510ad7
- SSDEEP
  
  6144:3QGM8K+fBB4sGUEqPyh+9qP8kpYH6otS97HOqpKmjJUWRA:3HM8RZsUEu4OqLapSVjpXJUj
Score

8^/10

upx
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy