Overview

overview

8

Static

static

d6800c11ac...98.exe

windows7-x64

8

d6800c11ac...98.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    d6800c11acdeb2823ea9be677a1f9c4c4f6bb0019e8343caebf5bd80886ac198

  • Size

    56KB

  • Sample

    221107-f4s75sadg7

  • MD5

    085ff1dcd1677c9e8fd3f9ca7e092f33

  • SHA1

    eef86607cc217938ea376918c3921b0bb8f0f9ff

  • SHA256

    d6800c11acdeb2823ea9be677a1f9c4c4f6bb0019e8343caebf5bd80886ac198

  • SHA512

    56b1a4a3d92d23096086c26816c11f563c6c3ce528efb507498af347c381293e5aaa0cee6b72b1a48af55cabdd71ba51980b4cc29d289e200cb5f45c82305b85

  • SSDEEP

    1536:GxrsEWEqEbETPNSrkfZjEjb449VdkItgQo6:G6L3OWkofZjEjb4EkIJo6

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      d6800c11acdeb2823ea9be677a1f9c4c4f6bb0019e8343caebf5bd80886ac198

    • Size

      56KB

    • MD5

      085ff1dcd1677c9e8fd3f9ca7e092f33

    • SHA1

      eef86607cc217938ea376918c3921b0bb8f0f9ff

    • SHA256

      d6800c11acdeb2823ea9be677a1f9c4c4f6bb0019e8343caebf5bd80886ac198

    • SHA512

      56b1a4a3d92d23096086c26816c11f563c6c3ce528efb507498af347c381293e5aaa0cee6b72b1a48af55cabdd71ba51980b4cc29d289e200cb5f45c82305b85

    • SSDEEP

      1536:GxrsEWEqEbETPNSrkfZjEjb449VdkItgQo6:G6L3OWkofZjEjb4EkIJo6

    Score
    8/10
    persistenceupx

    • Adds policy Run key to start application

      persistence

    • Executes dropped EXE

    • Modifies Installed Components in the registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks