General

  • Target

    7d2ccb3c6927f945ae0d94f4903e081141fc944017f926cb98962fcf1cd57c1d

  • Size

    24KB

  • Sample

    221123-zhebmsga2t

  • MD5

    4374a30f5e601afb5ccbd483f2249102

  • SHA1

    1e2d8afa9055fce11f8b4134deef6d2d0a29358b

  • SHA256

    7d2ccb3c6927f945ae0d94f4903e081141fc944017f926cb98962fcf1cd57c1d

  • SHA512

    762582126bc1ea9ba14221297aea665ea87987e292c4709a96305f1987043a4bf0a6a223333b5d744103c99dbdce601df0f6bf63b5ab48592657f049058ce6f2

  • SSDEEP

    384:1FLg2MOlz7LWoVkR6O27HxKguVXdaJp2zIzGLCloolYthU:1FLJ6RMnuVXg720zGLClfAh

Score
8/10
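The digests above are the indicators a responder uses to confirm that a file pulled from a host or a mail gateway is this sample. The following script is an added example, not part of the report or of the sandbox's own tooling: it streams a file through MD5, SHA1, SHA256 and SHA512 in one pass and compares the result with the report's values. Function names (`hash_file`, `match_iocs`, `is_reported_sample`) are mine; the only data taken from the page is the hash list. The SSDEEP value is not recomputed because fuzzy hashing needs a third-party package.

```python
import hashlib
from typing import Dict, Iterable

# Digests copied from the report above; this is the only page data used here.
REPORT_IOCS = {
    "md5": "4374a30f5e601afb5ccbd483f2249102",
    "sha1": "1e2d8afa9055fce11f8b4134deef6d2d0a29358b",
    "sha256": "7d2ccb3c6927f945ae0d94f4903e081141fc944017f926cb98962fcf1cd57c1d",
    "sha512": "762582126bc1ea9ba14221297aea665ea87987e292c4709a96305f1987043a4b"
              "f0a6a223333b5d744103c99dbdce601df0f6bf63b5ab48592657f049058ce6f2",
}
# ssdeep is not in the standard library (it needs the ssdeep/ppdeep package),
# so the report's fuzzy hash is deliberately not recomputed.


def digest_chunks(chunks: Iterable[bytes],
                  algorithms=tuple(REPORT_IOCS)) -> Dict[str, str]:
    """Compute every requested digest in a single pass over the chunks."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data: bytes) -> Dict[str, str]:
    return digest_chunks([data])


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    # Stream the file so a large sample is never held in memory at once.
    with open(path, "rb") as fh:
        return digest_chunks(iter(lambda: fh.read(chunk_size), b""))


def match_iocs(digests: Dict[str, str],
               iocs: Dict[str, str] = REPORT_IOCS) -> Dict[str, bool]:
    """Per-algorithm result; hex digests are compared case-insensitively."""
    return {name: digests.get(name, "").lower() == value.lower()
            for name, value in iocs.items()}


def is_reported_sample(digests: Dict[str, str],
                       iocs: Dict[str, str] = REPORT_IOCS) -> bool:
    # Require every listed digest to agree. A single mismatch means a different
    # file (or a transcription error in the IOC list) and deserves a look,
    # not a silent "no match".
    return all(match_iocs(digests, iocs).values())


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        d = hash_file(path)
        verdict = "matches report" if is_reported_sample(d) else "does not match"
        print(path, verdict, d["sha256"])
```

Run it as `python check_sample.py <file>` (the script name is arbitrary). Requiring all four digests to agree rather than any one of them is the point of `is_reported_sample`: a partial match is a signal that something was copied wrongly, and that is worth surfacing rather than hiding behind a boolean.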

Targets

    • Target

      7d2ccb3c6927f945ae0d94f4903e081141fc944017f926cb98962fcf1cd57c1d

    Score
    8/10
    • Drops file in Drivers directory

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Loads dropped DLL

    • Adds Run key to start application

      Persistence: a value under a Software\Microsoft\Windows\CurrentVersion\Run key launches the program at user logon.

    • Drops file in System32 directory
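The signature names above are what the sandbox derives from the sample's file, process and registry activity plus a static packer check. The following is an added example of how such a signature set can be evaluated against a trace; it is not the sandbox's own logic and the event format, the function names and the constructed trace are mine. Two assumptions are labelled in the code: that the location check keys on the `Geo` subkey of `HKCU\Control Panel\International`, and that the UPX check looks for the `UPX!` header magic and `UPX0`/`UPX1` section names, which a modified UPX build can rename.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List


@dataclass
class Event:
    """One sandbox observation: what happened and which path or key it touched."""
    kind: str         # file_write | process_create | dll_load | registry_set | registry_query
    target: str       # file path or registry key
    detail: str = ""  # e.g. registry value name


# Path fragments behind the "Drops file in ..." signatures (matched case-insensitively).
SYSTEM32 = "\\windows\\system32\\"
DRIVERS = "\\windows\\system32\\drivers\\"
# Run and RunOnce keys under ...\CurrentVersion launch a program at user logon.
RUN_KEY_RE = re.compile(r"\\software\\microsoft\\windows\\currentversion\\run(once)?(\\|$)", re.I)
# Assumption: the location check keys on the Geo subkey of HKCU\Control Panel\International.
GEO_KEY_RE = re.compile(r"\\control panel\\international\\geo(\\|$)", re.I)


def norm_path(path: str) -> str:
    return path.lower().replace("/", "\\")


def has_upx_markers(data: bytes) -> bool:
    # Assumption: stock UPX leaves a "UPX!" header magic and names PE sections
    # UPX0/UPX1. A modified build can rename all three, so a negative result is
    # not proof of an unpacked binary; section entropy would be the next check.
    return any(marker in data for marker in (b"UPX!", b"UPX0", b"UPX1"))


def match_signatures(events: Iterable[Event], sample_bytes: bytes = b"") -> List[str]:
    hits: List[str] = []
    dropped = set()  # paths the sample itself wrote; needed for the "dropped" signatures

    def add(name: str) -> None:
        if name not in hits:
            hits.append(name)

    for ev in events:
        t = norm_path(ev.target)
        if ev.kind == "file_write":
            dropped.add(t)
            # A write under drivers\ is also under System32\, so both signatures fire.
            if DRIVERS in t:
                add("Drops file in Drivers directory")
            if SYSTEM32 in t:
                add("Drops file in System32 directory")
        elif ev.kind == "process_create" and t in dropped:
            add("Executes dropped EXE")
        elif ev.kind == "dll_load" and t in dropped:
            add("Loads dropped DLL")
        elif ev.kind == "registry_set" and RUN_KEY_RE.search(t):
            add("Adds Run key to start application")
        elif ev.kind == "registry_query" and GEO_KEY_RE.search(t):
            add("Checks computer location settings")
    if has_upx_markers(sample_bytes):
        add("UPX packed file")
    return hits


# Constructed trace (not the real sample's events) that exercises every signature once.
SAMPLE_EVENTS = [
    Event("file_write", r"C:\Windows\System32\drivers\helper.sys"),
    Event("file_write", r"C:\Windows\System32\update.exe"),
    Event("file_write", r"C:\Users\Public\helper.dll"),
    Event("process_create", r"C:\Windows\System32\update.exe"),
    Event("dll_load", r"C:\Users\Public\helper.dll"),
    Event("registry_query", r"HKCU\Control Panel\International\Geo\Nation"),
    Event("registry_set", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "update"),
]
# Constructed header bytes carrying the UPX markers; not the real sample's bytes.
SAMPLE_BYTES = b"MZ" + b"\x00" * 62 + b"UPX0" + b"UPX1" + b"UPX!"

if __name__ == "__main__":
    for sig in match_signatures(SAMPLE_EVENTS, SAMPLE_BYTES):
        print("-", sig)
```

The ordering matters for the two "dropped" signatures: a process start or DLL load only counts if the path was written earlier in the same trace, which is what separates "executes dropped EXE" from merely running something that was already on disk.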
