General

  • Target

    c064297663ee35b5e5cda40e08a53358647f7d934f270f1b0bdab42a9d95c883

  • Size

    604KB

  • Sample

    221123-vmsmlshd88

  • MD5

    34939956e73ddbaf37b964a48d6bea31

  • SHA1

    efc9a22cacaaf38660650fdc60e03261ba50cc93

  • SHA256

    c064297663ee35b5e5cda40e08a53358647f7d934f270f1b0bdab42a9d95c883

  • SHA512

    8a41a3f180de42672a2bc03a3ad74becc649d4beaffe3e2d891393c4207778b9d56dd9162d7aaa246c7e56673bb6654a315d1513a9901fafe38a08ab7676d906

  • SSDEEP

    12288:bdPIPFdPZdPzPFdPZdPSPFdPZdPcSDyTFtjHSDyTFtj:hDyTFtjyDyTFtj

Score
8/10
upx

Targets

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops file in System32 directory
