6a50ec0f1b62a9af3b5d8f387cb228be0c23a81f63ac1ede0c340b077e187191 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

6a50ec0f1b...91.exe

windows7-x64

8

6a50ec0f1b...91.exe

windows10-2004-x64

8

Sharing

General

Target

6a50ec0f1b62a9af3b5d8f387cb228be0c23a81f63ac1ede0c340b077e187191
Size

22KB
Sample

221124-e2g7esha73
MD5

ce17d920e84a8704c311f814ba980421
SHA1

755c5beb7a15dd3a6d5eb6a5cf6f1326e3dcafa9
SHA256

6a50ec0f1b62a9af3b5d8f387cb228be0c23a81f63ac1ede0c340b077e187191
SHA512

daee1137e0c510d848f9fb7ef0b81ad3bfc6399ee4d95ee33584409b2c6f3ac383b86258d36dde7e801c6af9cce6862050c5c6086e0125be3398d21bce7c722e
SSDEEP

384:rIiV728hUQ7Y2P/cVEccDdye7kjlWLe7grPiA8jyrMPhTjanbBoZSuniaNJawcuQ:rRGuY2P0Vo6r7SiAwyrMRjbgKnbcuyDw

Score

8^/10

evasion upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6a50ec0f1b62a9af3b5d8f387cb228be0c23a81f63ac1ede0c340b077e187191.exe

Resource

win7-20220812-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

6a50ec0f1b62a9af3b5d8f387cb228be0c23a81f63ac1ede0c340b077e187191.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  6a50ec0f1b62a9af3b5d8f387cb228be0c23a81f63ac1ede0c340b077e187191
- Size
  
  22KB
- MD5
  
  ce17d920e84a8704c311f814ba980421
- SHA1
  
  755c5beb7a15dd3a6d5eb6a5cf6f1326e3dcafa9
- SHA256
  
  6a50ec0f1b62a9af3b5d8f387cb228be0c23a81f63ac1ede0c340b077e187191
- SHA512
  
  daee1137e0c510d848f9fb7ef0b81ad3bfc6399ee4d95ee33584409b2c6f3ac383b86258d36dde7e801c6af9cce6862050c5c6086e0125be3398d21bce7c722e
- SSDEEP
  
  384:rIiV728hUQ7Y2P/cVEccDdye7kjlWLe7grPiA8jyrMPhTjanbBoZSuniaNJawcuQ:rRGuY2P0Vo6r7SiAwyrMRjbgKnbcuyDw
Score

8^/10

evasion upx
- Drops file in Drivers directory
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy