d7f1a4d46a327b0e699cc6c63c33dfd470d7c7bd702ae34adb1c1ccc04a81e24 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

d7f1a4d46a...24.exe

windows7-x64

8

d7f1a4d46a...24.exe

windows10-2004-x64

8

Sharing

General

Target

d7f1a4d46a327b0e699cc6c63c33dfd470d7c7bd702ae34adb1c1ccc04a81e24
Size

666KB
Sample

221128-ddh85saa53
MD5

85c94e53d9907709e95cbfae70aafba8
SHA1

77f758aeab862c7de7cd20c6f8897c7c3d5e7b3d
SHA256

d7f1a4d46a327b0e699cc6c63c33dfd470d7c7bd702ae34adb1c1ccc04a81e24
SHA512

bb259d2d99aca5975ed21e8ebe4e75bf702bd62b0e6d5f9539f9276000f1005e47e870108b53113b1cc2b82ec04d59d6a2bd29b5ebd3e966439351d0bed229da
SSDEEP

12288:nsaY8rxqXqavGpFCFkguX9M6Pqh11JDf19mP+YWKzAWwKztPF+3TsyZ/PJTbpGrW:B/rxiY8kguXrPqVJDf1UP+WzEKztPY3J

Score

8^/10

aspackv2 discovery upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d7f1a4d46a327b0e699cc6c63c33dfd470d7c7bd702ae34adb1c1ccc04a81e24.exe

Resource

win7-20221111-en

aspackv2 discovery upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

d7f1a4d46a327b0e699cc6c63c33dfd470d7c7bd702ae34adb1c1ccc04a81e24.exe

Resource

win10v2004-20221111-en

aspackv2 discovery upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  d7f1a4d46a327b0e699cc6c63c33dfd470d7c7bd702ae34adb1c1ccc04a81e24
- Size
  
  666KB
- MD5
  
  85c94e53d9907709e95cbfae70aafba8
- SHA1
  
  77f758aeab862c7de7cd20c6f8897c7c3d5e7b3d
- SHA256
  
  d7f1a4d46a327b0e699cc6c63c33dfd470d7c7bd702ae34adb1c1ccc04a81e24
- SHA512
  
  bb259d2d99aca5975ed21e8ebe4e75bf702bd62b0e6d5f9539f9276000f1005e47e870108b53113b1cc2b82ec04d59d6a2bd29b5ebd3e966439351d0bed229da
- SSDEEP
  
  12288:nsaY8rxqXqavGpFCFkguX9M6Pqh11JDf19mP+YWKzAWwKztPF+3TsyZ/PJTbpGrW:B/rxiY8kguXrPqVJDf1UP+WzEKztPY3J
Score

8^/10

aspackv2 discovery upx
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

aspackv2discoveryupx

behavioral2

aspackv2discoveryupx

© 2018-2024

Terms | Privacy