General

  • Target

    a86597a7f4069db8cf414b0dd87b0f84e04bac4c1ff915df3a592d38557be35e

  • Size

    6.0MB

  • Sample

    221124-afe3qahe71

  • MD5

    972a4e05b3795bba2ed21cfde1d34229

  • SHA1

    af8865d6144a4331e736819de4a335e4da3968e4

  • SHA256

    a86597a7f4069db8cf414b0dd87b0f84e04bac4c1ff915df3a592d38557be35e

  • SHA512

    d1f3a00cb8150b2286a61823e4c2ee1eab6899a100b7c4133c8f4272dd29912c27a3c23c757ba065d59139afa9c1f51089a1f1d9538bb8559b6c4e54f21398b7

  • SSDEEP

    98304:aup+CgTmGHqC3v/fq6Q3vxTSsTyVlP4AvZ8X16DhKWAZvhUdmWLOPvKlu0CbxaCd:F+JT8G/y6QMsTyVlPGMDhGUd7aylu0Cp

Score
8/10

Targets

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext
