9c8aac3eede7bc58c420b940a4c701b5ea191d6308571746a72f330abf232684 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

9c8aac3eed...84.exe

windows7-x64

9c8aac3eed...84.exe

windows10-2004-x64

8

Sharing

General

Target

9c8aac3eede7bc58c420b940a4c701b5ea191d6308571746a72f330abf232684
Size

540KB
Sample

221123-xkfw5sac3w
MD5

422d00b5868966d89b77bb5683f0ef30
SHA1

2f6edd863f3c668fedaedee3e333cebeca959d2e
SHA256

9c8aac3eede7bc58c420b940a4c701b5ea191d6308571746a72f330abf232684
SHA512

b3452b695d0204f788b2872e1e4ff295788739f6a2ce468e49f83c8169f9874ce2a1b7ee39fa101df189f3b8450220b0a52c847ba360cea37a10f9ff2b6582ce
SSDEEP

12288:LlIp3+jXpoflHchHoA7u75zMNbP0NAXKrZaOiYLpi8083UloS:LQwmqp7uaPQ/rZaOiYLpZ083

Score

8^/10

upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9c8aac3eede7bc58c420b940a4c701b5ea191d6308571746a72f330abf232684.exe

Resource

win7-20220901-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

9c8aac3eede7bc58c420b940a4c701b5ea191d6308571746a72f330abf232684.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  9c8aac3eede7bc58c420b940a4c701b5ea191d6308571746a72f330abf232684
- Size
  
  540KB
- MD5
  
  422d00b5868966d89b77bb5683f0ef30
- SHA1
  
  2f6edd863f3c668fedaedee3e333cebeca959d2e
- SHA256
  
  9c8aac3eede7bc58c420b940a4c701b5ea191d6308571746a72f330abf232684
- SHA512
  
  b3452b695d0204f788b2872e1e4ff295788739f6a2ce468e49f83c8169f9874ce2a1b7ee39fa101df189f3b8450220b0a52c847ba360cea37a10f9ff2b6582ce
- SSDEEP
  
  12288:LlIp3+jXpoflHchHoA7u75zMNbP0NAXKrZaOiYLpi8083UloS:LQwmqp7uaPQ/rZaOiYLpZ083
Score

8^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy