General

  • Target

    e7b70df76925ff1c7559bb526bf7f51ff2dc1c9219a3d169a64f51abac0d048c

  • Size

    1.0MB

  • Sample

    221127-nlzafadd25

  • MD5

    a04f93978a3f28e28fcfb19fbf2dac5a

  • SHA1

    15c804e499f8ab46a377e50674c0e0df31282ce6

  • SHA256

    e7b70df76925ff1c7559bb526bf7f51ff2dc1c9219a3d169a64f51abac0d048c

  • SHA512

    0330ad98907293a668cfed90c9f52df67b30c53bbe97dea0abd2d1e01e3baf98553e96c7794ef3bceeb42e285f78a15c2aa5d6d8b322f44ba12ab791b60a053b

  • SSDEEP

    12288:j5ORcHoQppTTq1T/gS4IAQsCV6HW/2gmz3Kg4Di5LoUv1UpsSRwKIg:jIJkqt/gDkV6HJfzag4DiloU9UpsEwU

Score
8/10
upx

Malware Config

Targets

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX (or a modified UPX) open-source packer.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks