Overview

overview

8

Static

static

8

681ae6c27b...63.exe

windows7-x64

8

681ae6c27b...63.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    681ae6c27b8882509769572718598c97396cf2f99667fe71635af2de20f62363

  • Size

    120KB

  • Sample

    221123-xrhdjsag6v

  • MD5

    46a25f2f81a664dde162bc6d07b08cf3

  • SHA1

    00e962e2890d17188197b69d6976db847be09436

  • SHA256

    681ae6c27b8882509769572718598c97396cf2f99667fe71635af2de20f62363

  • SHA512

    d4b89001b4a55676f12362bcd22c48e51da5f2e56d9328f0d81c0b544cdfe2c1f8996110c76592c9428492a754ecb59a6322fc99b6751eb4d25066b5493fdce4

  • SSDEEP

    3072:3NKfRBKLCyrh1aZLxLv+CEiTNPBsSnt3I3ZrnBCnw:3AfGNnCLxzjEiTNPiSt3I3Zt

Score
8/10
upx

Malware Config

Targets

    • Target

      681ae6c27b8882509769572718598c97396cf2f99667fe71635af2de20f62363

    • Size

      120KB

    • MD5

      46a25f2f81a664dde162bc6d07b08cf3

    • SHA1

      00e962e2890d17188197b69d6976db847be09436

    • SHA256

      681ae6c27b8882509769572718598c97396cf2f99667fe71635af2de20f62363

    • SHA512

      d4b89001b4a55676f12362bcd22c48e51da5f2e56d9328f0d81c0b544cdfe2c1f8996110c76592c9428492a754ecb59a6322fc99b6751eb4d25066b5493fdce4

    • SSDEEP

      3072:3NKfRBKLCyrh1aZLxLv+CEiTNPBsSnt3I3ZrnBCnw:3AfGNnCLxzjEiTNPiSt3I3Zt

    Score
    8/10
    upx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks