Overview

overview

8

Static

static

8

8eec44c462...31.exe

windows7-x64

8

8eec44c462...31.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8eec44c4624e4e41e8c8cedddbc05f206aafede5ed580f85fedc3a10fc768c31

  • Size

    68KB

  • Sample

    221201-bwdehacc46

  • MD5

    c70c332e91e26d3c9275538832957e10

  • SHA1

    c22afac942be0130171260717100647c14e0e0f5

  • SHA256

    8eec44c4624e4e41e8c8cedddbc05f206aafede5ed580f85fedc3a10fc768c31

  • SHA512

    360d883ec3c1f05e891ed62a41803d32f827a530ac1c189d903878e2ac63132f71b994a6f58065f621c770f9a0ad57eaff23ca1afd5f8fd5707c5632cd98682b

  • SSDEEP

    1536:vMXxVulAmfx/Wz30ZkHuM4ymdgIfG133EqKopXIwOpruPGBxrzbu1N3XloBMot0E:0sVS3Ckr0NCJpXBkruPG73A+TG3

Score
8/10
discoveryexploitupx

Malware Config

Targets

    • Target

      8eec44c4624e4e41e8c8cedddbc05f206aafede5ed580f85fedc3a10fc768c31

    • Size

      68KB

    • MD5

      c70c332e91e26d3c9275538832957e10

    • SHA1

      c22afac942be0130171260717100647c14e0e0f5

    • SHA256

      8eec44c4624e4e41e8c8cedddbc05f206aafede5ed580f85fedc3a10fc768c31

    • SHA512

      360d883ec3c1f05e891ed62a41803d32f827a530ac1c189d903878e2ac63132f71b994a6f58065f621c770f9a0ad57eaff23ca1afd5f8fd5707c5632cd98682b

    • SSDEEP

      1536:vMXxVulAmfx/Wz30ZkHuM4ymdgIfG133EqKopXIwOpruPGBxrzbu1N3XloBMot0E:0sVS3Ckr0NCJpXBkruPG73A+TG3

    Score
    8/10
    discoveryexploitupx

    • Possible privilege escalation attempt

      exploit

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks