db471ec2ec313ebba20d970dd95e31457f519bd651c40072968c114bd3c3f6f2 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

db471ec2ec...f2.exe

windows7-x64

8

db471ec2ec...f2.exe

windows10-2004-x64

8

Sharing

General

Target

db471ec2ec313ebba20d970dd95e31457f519bd651c40072968c114bd3c3f6f2
Size

20KB
Sample

221123-s69n5adc22
MD5

7f82efeb2ddfc6b08d32b86f553105ae
SHA1

0b69f14ac5cc43e600d160b3f1417c2c0c95b086
SHA256

db471ec2ec313ebba20d970dd95e31457f519bd651c40072968c114bd3c3f6f2
SHA512

a470fed010dec306a3dd5a45d51f877623516aad1fc4fe7c971dda16171406cabf817e39e7482e2c55badaefa55af2e76fbdd8a55202de7a7cca940208a6133a
SSDEEP

384:lk/WrYzDzz+Z6UASvw0yFeY/l4G2F0dAcEqnXIml/PBu8L3a1HYTXl2:7YzD1Svw0yFnN7dfEqnX1/PU8L3AHYh

Score

8^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

db471ec2ec313ebba20d970dd95e31457f519bd651c40072968c114bd3c3f6f2.exe

Resource

win7-20221111-en

persistence upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

db471ec2ec313ebba20d970dd95e31457f519bd651c40072968c114bd3c3f6f2.exe

Resource

win10v2004-20220812-en

persistence upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  db471ec2ec313ebba20d970dd95e31457f519bd651c40072968c114bd3c3f6f2
- Size
  
  20KB
- MD5
  
  7f82efeb2ddfc6b08d32b86f553105ae
- SHA1
  
  0b69f14ac5cc43e600d160b3f1417c2c0c95b086
- SHA256
  
  db471ec2ec313ebba20d970dd95e31457f519bd651c40072968c114bd3c3f6f2
- SHA512
  
  a470fed010dec306a3dd5a45d51f877623516aad1fc4fe7c971dda16171406cabf817e39e7482e2c55badaefa55af2e76fbdd8a55202de7a7cca940208a6133a
- SSDEEP
  
  384:lk/WrYzDzz+Z6UASvw0yFeY/l4G2F0dAcEqnXIml/PBu8L3a1HYTXl2:7YzD1Svw0yFnN7dfEqnX1/PU8L3AHYh
Score

8^/10

persistence upx
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy