General

  • Target

    b0a45372fd61daa93a4159e1b517cde8895dad26bb0f5c907f49502b6f5bf454

  • Size

    24KB

  • Sample

    221128-e8z1tafb22

  • MD5

    ae741b8664c23c6d9ae0b33da762f66f

  • SHA1

    93fb5060e0b26ad10eed4e8ac124d59cbd38f339

  • SHA256

    b0a45372fd61daa93a4159e1b517cde8895dad26bb0f5c907f49502b6f5bf454

  • SHA512

    5a6630ce86129069f713e717d4ebaebd80e5acf20ff82d68b25ebfe05731921a9b448a92b987dad7b706aed3352e462fa7b2d67be61b12aff9fa82c4891ba75e

  • SSDEEP

    384:9dudjWtQouEU2+ZfEnOrqnTksPvVGk2IjHs2XtbK6wkqYv:9YsnBCZfEOrqngO2IjHlNK62O

Score
9/10
upx

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Drops file in System32 directory
