General

  • Target

    b96c42cc1bbd96194b4310018835150dd284e3c2d74a8fdba5693b40541a0885

  • Size

    881KB

  • Sample

    221123-qhywlsea89

  • MD5

    6af496f3bbdba25ce16e8ba856feb716

  • SHA1

    459e6c3a7e8a3a6676c3282ce640658a3340e927

  • SHA256

    b96c42cc1bbd96194b4310018835150dd284e3c2d74a8fdba5693b40541a0885

  • SHA512

    e93fb232fd5d87840d19fe13904b8b9bd708d543cf50f0a2eecf4aa2cd99f50b338e059efd4a32de540d64438c16b57f32d0c516ca676745bbdf1c6d8ac54627

  • SSDEEP

    24576:mQMSdDaw0gZEJs2QC/TwYBoGrHBYD9nceNaxhP6tM:m6T0gZEJJQgwghFYZhaqS

Score
9/10

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory
