General

  • Target: 85597c215a8a6a3c6093941998f05775811b40fecc31789291cbd4a96121524d
  • Size: 594KB
  • Sample: 221129-ham55sdg56
  • MD5: 4e46598b2867b4299085e0ec86e9b953
  • SHA1: accdca67ebf56ca726c490fc1553e6ddc8d00326
  • SHA256: 85597c215a8a6a3c6093941998f05775811b40fecc31789291cbd4a96121524d
  • SHA512: 9aaa1611844e0561c45b834a51bf53e78e33cd114334fd6b349248deacdcb6f0ff552b50d932a7f7fbe51ee95ec231aba2529fa28f0b13e7a9149e74749e49e5
  • SSDEEP: 12288:KN4nykMrpGcecNdcETUN4jnhZnMeS/SFfEY7QISVD71F:K+ykiejyUkhZnlSsMIa71F

Score: 8/10
upx

Malware Config

Targets

    • Target: NOD32A~1.EXE
    • Size: 708KB
    • MD5: b167387489d07493ed34e6929757043e
    • SHA1: 66c4bd71bf950f27f62308e4376b100b30666fd8
    • SHA256: a56a597bb1b7db8ff297ea3b38539f0b9e2b41376668af3827edf334bb1ce329
    • SHA512: 34d57355f8908d595b73b68c6c37b10a8e4399100acca99f1f5baf6764bcd110130594ce30656b07c8d55e29e0558b2830b44b07016f243fbdd248915e1cb5b0
    • SSDEEP: 12288:sLb58E2pBHGpQiKpBIuZNNi6sRInBZqpzUF4AnjZnMei/SFfdYTQwW8DB:meJpBniKpBPzPzqtURjZnli5kwtB

    Score: 8/10
    • UPX packed file
      Detects executables packed with UPX/modified UPX open source packer.
    • Checks BIOS information in registry
      BIOS information is often read in order to detect sandboxing environments.

    • Target: UNINST~1.EXE
    • Size: 32KB
    • MD5: 8465192b9a8752ddd5829cb8d2ff17fe
    • SHA1: 15a350ba63ee8880787b6fd3af6446046c796d0c
    • SHA256: fd730d73f5a2ca5c6fd0a6ae82153adf80f5b99d826004a419e69c0d15e91f68
    • SHA512: 8eeaf57cc6c8dfdd172725fb9d2512e2a7b3c709834fd89cb0009625082477098a463a0fbcc45547a4be6c821e7a5813b4b73d210dc2defc61bb06d5c0a20c3c
    • SSDEEP: 768:d4iFpuIy5DHyfxd2wXWGgfehbTuM0PBqKO7YqbMUPP4N1:qyuzsd2Sg2UFBNOBb/ID

    Score: 7/10
    • Loads dropped DLL
    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks