Overview

overview

9

Static

static

q779596940_Setup.exe

windows7-x64

9

q779596940_Setup.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b0796043e80509de38a67ab188e592877b6e3e516a5dbe09bd71d8256db67c7e

  • Size

    558KB

  • Sample

    221123-xfnq7aeh44

  • MD5

    05c3826b735ee624b51d9528c4d4dd0b

  • SHA1

    58da5c9d5052ac08c63f50aa90396ba0aa1fd8b5

  • SHA256

    b0796043e80509de38a67ab188e592877b6e3e516a5dbe09bd71d8256db67c7e

  • SHA512

    5e7b913ff3ae31469d2cb3b649b11582d139324ff49108626e77862c22111d0a9fbce8ec7b32278e0dd56dce9c35618ea297df73d40c7783574ccd2ace1d09ea

  • SSDEEP

    12288:3ZTC45zhVzN/GSKRSnsJCAyI7Ez6nFFJWalsWfsfC2p2d:9C45XzN+tSSCy7h/bh0flu

Score
9/10
upx

Malware Config

Targets

    • Target

      q779596940_Setup.exe

    • Size

      761KB

    • MD5

      4cb3b6c7cbada76bd1acb02e676d913c

    • SHA1

      c9f2744a5241f41c7a69415fd4156d7bcc75c52f

    • SHA256

      eac294a3965f23fd83025dd8eaf2ca86b6299725dc2cceb24803bbd6b8d3ce4a

    • SHA512

      e6e8fa2c7cdcd33c664fbb1829f75104b2108ce49946433e5fb1a3d8788ea6ad26573c34bbcd9da0863e7a3545f6f97143287d732f066cad3032abcd7b5155d5

    • SSDEEP

      12288:/vfC4yEFa4+hvIi3GoyGyN0+p2C/wFOehxoT2r4imqpa2nGZjwtAJU3fatGVWbZG:/vfVDFa4+hv7GoyGyN0+3/yOIY2rhnGs

    Score
    9/10
    upx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Deletes itself

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks