General

  • Target

    1e9c719581d126f8913f97a377dfc326fb3b354021308977351736985334816b

  • Size

    151KB

  • Sample

    221127-mtr1naeh2y

  • MD5

    e9a414d319e6833a9ae99e921f8143e8

  • SHA1

    fea39907d1f5cccfa4654f106969985a4c6cbacf

  • SHA256

    1e9c719581d126f8913f97a377dfc326fb3b354021308977351736985334816b

  • SHA512

    3ebea7779f264e1ef326fce01506ef8980812a3f19ab8c3a986ce4eaffea3e0b0e7b4c86034f76586b83c0333d5d6f76bb2b532c79dc9ce235e21f6b435d8711

  • SSDEEP

    3072:O6e7UseewInVs7Q3BJu6LjX5l22HcBah1CHzxT4+TdfZA/ktJOz9LcXPuel:3Vse5IVGCBJu6/549iKJTdfC/km9LcXB

Score
8/10

Targets

    • Target

      1e9c719581d126f8913f97a377dfc326fb3b354021308977351736985334816b

    • Executes dropped EXE

    • Registers COM server for autorun

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL
