Overview

overview

8

Static

static

8

8a9af5f7f0...66.exe

windows7-x64

8

8a9af5f7f0...66.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8a9af5f7f01fb6bdb680cd049ac55f6c76032d489336a1fac9057967b3b61266

  • Size

    379KB

  • Sample

    221123-k17nksdc9w

  • MD5

    6ee26437cc104fb116f52a18b8a24cee

  • SHA1

    611542b360253ddb71ac81364d6cd6293a20d85f

  • SHA256

    8a9af5f7f01fb6bdb680cd049ac55f6c76032d489336a1fac9057967b3b61266

  • SHA512

    3fba076431cfe2b939233726d78e3e878fdffe373dc32b57fc065339053093c0141249f37e30bdbee3e86e5c09a703891f052285b683e25ca36e0b19f55d552a

  • SSDEEP

    6144:X50B/5FeaPRp2CcHTSs/yaBgCDLbor06APSx367o/d3A7N0EuuSPEjesIxTV2qo:X50B/feaz+TJ/ya9N6APw/9u0NPuIz2p

Score
8/10
upx

Malware Config

Targets

    • Target

      8a9af5f7f01fb6bdb680cd049ac55f6c76032d489336a1fac9057967b3b61266

    • Size

      379KB

    • MD5

      6ee26437cc104fb116f52a18b8a24cee

    • SHA1

      611542b360253ddb71ac81364d6cd6293a20d85f

    • SHA256

      8a9af5f7f01fb6bdb680cd049ac55f6c76032d489336a1fac9057967b3b61266

    • SHA512

      3fba076431cfe2b939233726d78e3e878fdffe373dc32b57fc065339053093c0141249f37e30bdbee3e86e5c09a703891f052285b683e25ca36e0b19f55d552a

    • SSDEEP

      6144:X50B/5FeaPRp2CcHTSs/yaBgCDLbor06APSx367o/d3A7N0EuuSPEjesIxTV2qo:X50B/feaz+TJ/ya9N6APw/9u0NPuIz2p

    Score
    8/10
    upx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks