Overview

overview

8

Static

static

8

5a66af292d...d5.exe

windows7-x64

8

5a66af292d...d5.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    5a66af292d0af136d4bbe9168ed545429f4991b977e208c4a8a9fb5531a682d5

  • Size

    1005KB

  • Sample

    221128-h2ryeaae8s

  • MD5

    a0cc9c246a694eff1abcb43857551eab

  • SHA1

    243f938ab721f1ab8be5e7fc54fe74e9ce04a369

  • SHA256

    5a66af292d0af136d4bbe9168ed545429f4991b977e208c4a8a9fb5531a682d5

  • SHA512

    5bbb22022452498ba8a1cc1017acfd7b9d03288771873c7bc92b38450155dbe917e02b2cbcd4dcdffa474061cf12787fd33cb6a71515c0927d775fc62b3bf54d

  • SSDEEP

    24576:quEVtYGn52JP5X6WgklW+MjbFZHtkbMzNLfPef8BcxxL5tDuA:D6sT/4+6b/OgPefWcxfFJ

Score
8/10
upx

Malware Config

Targets

    • Target

      5a66af292d0af136d4bbe9168ed545429f4991b977e208c4a8a9fb5531a682d5

    • Size

      1005KB

    • MD5

      a0cc9c246a694eff1abcb43857551eab

    • SHA1

      243f938ab721f1ab8be5e7fc54fe74e9ce04a369

    • SHA256

      5a66af292d0af136d4bbe9168ed545429f4991b977e208c4a8a9fb5531a682d5

    • SHA512

      5bbb22022452498ba8a1cc1017acfd7b9d03288771873c7bc92b38450155dbe917e02b2cbcd4dcdffa474061cf12787fd33cb6a71515c0927d775fc62b3bf54d

    • SSDEEP

      24576:quEVtYGn52JP5X6WgklW+MjbFZHtkbMzNLfPef8BcxxL5tDuA:D6sT/4+6b/OgPefWcxfFJ

    Score
    8/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Loads dropped DLL

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks