Overview

overview

8

Static

static

917892e6af...9a.exe

windows7-x64

8

917892e6af...9a.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    917892e6af07431cb9efe5145319102c15d9600362284d237d1bba1fc7ee7f9a

  • Size

    1000KB

  • Sample

    221128-ebdfjscd89

  • MD5

    e77476b186670f1baa5050a284ca2621

  • SHA1

    9b4cd2414ba42dfda684b5b6c04d64a0654692a0

  • SHA256

    917892e6af07431cb9efe5145319102c15d9600362284d237d1bba1fc7ee7f9a

  • SHA512

    68aeeaa346c08f508f691ec2ce2564a44b146141443e6f99abbe80e174a5c15956ac71deea79b469dc6789c9f1677809f21b76ac7f056f7a3b55d3bcc5a70548

  • SSDEEP

    12288:LiJq+i49rL8zXWLqUThQFi06R6t3uBHEtUdYqAZGZSmcAUWNrPd5NXnEkCNbaqh0:l+yzXWLqUrR6duBktXXflo3XEkT661yK

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      917892e6af07431cb9efe5145319102c15d9600362284d237d1bba1fc7ee7f9a

    • Size

      1000KB

    • MD5

      e77476b186670f1baa5050a284ca2621

    • SHA1

      9b4cd2414ba42dfda684b5b6c04d64a0654692a0

    • SHA256

      917892e6af07431cb9efe5145319102c15d9600362284d237d1bba1fc7ee7f9a

    • SHA512

      68aeeaa346c08f508f691ec2ce2564a44b146141443e6f99abbe80e174a5c15956ac71deea79b469dc6789c9f1677809f21b76ac7f056f7a3b55d3bcc5a70548

    • SSDEEP

      12288:LiJq+i49rL8zXWLqUThQFi06R6t3uBHEtUdYqAZGZSmcAUWNrPd5NXnEkCNbaqh0:l+yzXWLqUrR6duBktXXflo3XEkT661yK

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks