9746c16df7b6be74da65247ae8e97ca496e1fa1a85b49f641217efa9894b12cb | Triage

Submit
Reports

Overview

overview

8

Static

static

9746c16df7...cb.exe

windows7-x64

8

9746c16df7...cb.exe

windows10-2004-x64

8

Sharing

General

Target

9746c16df7b6be74da65247ae8e97ca496e1fa1a85b49f641217efa9894b12cb
Size

7.2MB
Sample

221123-k14xpadc81
MD5

f6f67d62dc4d8c38a11e80f444455c75
SHA1

8e7a35240aedf74d1dd705a9c8861b7c35f9802f
SHA256

9746c16df7b6be74da65247ae8e97ca496e1fa1a85b49f641217efa9894b12cb
SHA512

e3e0814a713fc095bc58f69c77b1ff2b02bd927d4df1b5c6fbb5718ec4794c8e6fedfa5435cc14c50dce2b776670724484aa682a27bf0656319e2d18022e6a82
SSDEEP

196608:63F6n80W6uG09+KOvpyUUgd8KVmHxs5XzkBLCW2d1:eFREugJ8K8Hx2zkBwd1

Score

8^/10

discovery persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

9746c16df7b6be74da65247ae8e97ca496e1fa1a85b49f641217efa9894b12cb.exe

Resource

win7-20220812-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

9746c16df7b6be74da65247ae8e97ca496e1fa1a85b49f641217efa9894b12cb.exe

Resource

win10v2004-20220812-en

discovery persistence upx

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  9746c16df7b6be74da65247ae8e97ca496e1fa1a85b49f641217efa9894b12cb
- Size
  
  7.2MB
- MD5
  
  f6f67d62dc4d8c38a11e80f444455c75
- SHA1
  
  8e7a35240aedf74d1dd705a9c8861b7c35f9802f
- SHA256
  
  9746c16df7b6be74da65247ae8e97ca496e1fa1a85b49f641217efa9894b12cb
- SHA512
  
  e3e0814a713fc095bc58f69c77b1ff2b02bd927d4df1b5c6fbb5718ec4794c8e6fedfa5435cc14c50dce2b776670724484aa682a27bf0656319e2d18022e6a82
- SSDEEP
  
  196608:63F6n80W6uG09+KOvpyUUgd8KVmHxs5XzkBLCW2d1:eFREugJ8K8Hx2zkBwd1
Score

8^/10

discovery upx persistence
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistenceupx

© 2018-2024

Terms | Privacy