1e874ea2052c99e1de54179aa616b1532bb2f8400fa59efbea83349a43603e62 | Triage

Submit
Reports

Overview

overview

8

Static

static

1e874ea205...62.exe

windows7-x64

8

1e874ea205...62.exe

windows10-2004-x64

8

Sharing

General

Target

1e874ea2052c99e1de54179aa616b1532bb2f8400fa59efbea83349a43603e62
Size

1.8MB
Sample

221123-vxdansdb6v
MD5

6bf94b8f289fd9ae2527e04797c0b316
SHA1

4197f2fde26297726daf4691df0e995f6621cea4
SHA256

1e874ea2052c99e1de54179aa616b1532bb2f8400fa59efbea83349a43603e62
SHA512

430b6d6a7591deb73ee3823e940fa6d203291ec1f7ec9c535e8c66e657932ac875a4b077b6661ce27ac21d97672edf8468917c6103392996fd8ea463f57f419b
SSDEEP

49152:J8RgpKPHUSzXKEva43f9MgARCJtH2blUvXJeuODfvAnt:J8RgpszaEv39MgFLWJUv0DHAnt

Score

8^/10

upx

Static task

static1

Behavioral task

behavioral1

Sample

1e874ea2052c99e1de54179aa616b1532bb2f8400fa59efbea83349a43603e62.exe

Resource

win7-20220901-en

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

1e874ea2052c99e1de54179aa616b1532bb2f8400fa59efbea83349a43603e62.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  1e874ea2052c99e1de54179aa616b1532bb2f8400fa59efbea83349a43603e62
- Size
  
  1.8MB
- MD5
  
  6bf94b8f289fd9ae2527e04797c0b316
- SHA1
  
  4197f2fde26297726daf4691df0e995f6621cea4
- SHA256
  
  1e874ea2052c99e1de54179aa616b1532bb2f8400fa59efbea83349a43603e62
- SHA512
  
  430b6d6a7591deb73ee3823e940fa6d203291ec1f7ec9c535e8c66e657932ac875a4b077b6661ce27ac21d97672edf8468917c6103392996fd8ea463f57f419b
- SSDEEP
  
  49152:J8RgpKPHUSzXKEva43f9MgARCJtH2blUvXJeuODfvAnt:J8RgpszaEv39MgFLWJUv0DHAnt
Score

8^/10

upx
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy