ad4dc234d8f66b3e106724e3cdf1c56005537029ff7632b041996f65350c37ed | Triage

Submit
Reports

Overview

overview

9

Static

static

8

ad4dc234d8...ed.exe

windows7-x64

9

ad4dc234d8...ed.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

ad4dc234d8f66b3e106724e3cdf1c56005537029ff7632b041996f65350c37ed
Size

14.1MB
Sample

221121-xqzlfadc36
MD5

b296b125e38d267c16352c34bda84241
SHA1

3828e51e8ca4b695fe0d2da0afad96b83c7987ba
SHA256

ad4dc234d8f66b3e106724e3cdf1c56005537029ff7632b041996f65350c37ed
SHA512

26115ff0bb42ad52047fc81034b6516791967e4c2b10d72b792b6617893181d655d0d36ea898418cc6385c9217ed0998c47f5d14db6472b40992ae6bfd4846b5
SSDEEP

393216:hNoMWBm87i6PT00odV3iKmgmGKyBcOcfeBq73D5bw:nozH7i6ZcV3hmgXKyBc/mo73Dlw

Score

9^/10

evasion trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ad4dc234d8f66b3e106724e3cdf1c56005537029ff7632b041996f65350c37ed.exe

Resource

win7-20221111-en

evasion trojan upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

ad4dc234d8f66b3e106724e3cdf1c56005537029ff7632b041996f65350c37ed.exe

Resource

win10v2004-20221111-en

evasion trojan upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  ad4dc234d8f66b3e106724e3cdf1c56005537029ff7632b041996f65350c37ed
- Size
  
  14.1MB
- MD5
  
  b296b125e38d267c16352c34bda84241
- SHA1
  
  3828e51e8ca4b695fe0d2da0afad96b83c7987ba
- SHA256
  
  ad4dc234d8f66b3e106724e3cdf1c56005537029ff7632b041996f65350c37ed
- SHA512
  
  26115ff0bb42ad52047fc81034b6516791967e4c2b10d72b792b6617893181d655d0d36ea898418cc6385c9217ed0998c47f5d14db6472b40992ae6bfd4846b5
- SSDEEP
  
  393216:hNoMWBm87i6PT00odV3iKmgmGKyBcOcfeBq73D5bw:nozH7i6ZcV3hmgXKyBc/mo73Dlw
Score

9^/10

evasion trojan upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasiontrojanupx

behavioral2

evasiontrojanupx

© 2018-2025

Terms | Privacy