General

  • Target

    daff14bc41199713052e07edf05faefd9676d4b46a2f048de4e0178d00f65b59

  • Size

    123KB

  • Sample

    221123-tfc3xaha3w

  • MD5

    2577cc18aba285dbac94002bd752fac0

  • SHA1

    1faa4a98c6b6cfbfb96ef9399730f3c33b465e73

  • SHA256

    daff14bc41199713052e07edf05faefd9676d4b46a2f048de4e0178d00f65b59

  • SHA512

    36aebc2233b84ec78a86d39a39ad49bdab715dff1be1119fe960e4551004db6080caca89cefe3b6a3f07949e1e929f36654240f65ebf53849db7228187be38de

  • SSDEEP

    3072:YYPh9f1/aBFyklWwwWPHmdYRuFbV6w+RaDNEiUAt:R5lIT7wqGd16+lt

Score
8/10
upx

Malware Config

Targets

    Score
    8/10
    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks