General

  • Target

    cfec450e4508f3b3fdc7a841d9453aabd19711397493787f45bc279c441cbfce

  • Size

    252KB

  • Sample

    221124-lhcadshb2s

  • MD5

    a96279e4ef9c954656e39f7fd2fd74e3

  • SHA1

    8ddb96905acf15083c03d1b264078eccd01a0abf

  • SHA256

    cfec450e4508f3b3fdc7a841d9453aabd19711397493787f45bc279c441cbfce

  • SHA512

    d39cabd9d33504ecdd4b71aec49dd02fd15e78c19f12c411a0182130fcf18ff33485331eca41997f249f505ea6234f09168dff0156666f82b34fc2588ce90800

  • SSDEEP

    6144:6P6nejFShV25IXS7XAj+Lv998rirykvW9s8kedZCzNogr8Q+p:44O8hOXAo98rT2W1kedZ2p8QW

Score
8/10

Malware Config

Targets

    • Modifies Installed Components in the registry

    • Registers COM server for autorun

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks