General

  • Target

    4853e9cda86876130f41d660e84c709087904185d4f0ca0c1415a00bb288b212

  • Size

    220KB

  • Sample

    221201-f3d2tsgg76

  • MD5

    29bcfd98f86cf162cfd8f8702ee34070

  • SHA1

    07655bd4ef6b7089e1d50ef51e138f081c32cd89

  • SHA256

    4853e9cda86876130f41d660e84c709087904185d4f0ca0c1415a00bb288b212

  • SHA512

    695b56454c6ca7f57b1c314611839800e33d710592f8bc81fa762d1a910dc8121dbd29906b5ec66281d00df9b5333af00d8f892993ac3e4457415c548441daf5

  • SSDEEP

    6144:/R2zP+yfsBqacKMBgx/qv+zghESskltX2Q:QzsBqfNSiv858F

Score
  8/10

Tags
  upx

Targets

    Score
    8/10
    • Drops file in Drivers directory

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build (section names or the UPX marker may be altered in modified builds).

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check that gates execution on the victim's region.

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows AutoRun to spread to removable or attached volumes. AutoRun from USB and other non-optical removable media has been disabled by default since Windows 7 (and by update on earlier versions), so a dropped autorun.inf shows intent to spread rather than guaranteed execution on the next host.

    • Drops file in System32 directory

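As an added example (not part of this sandbox report, and not code from whichever sandbox produced it), the script below re-derives the signature hits listed above from two constructed inputs: a minimal PE header, which exercises the static "UPX packed file" check, and a file/process/registry event trace in the shape a sandbox would log, which exercises the behavioural signatures. The event format, the paths, and the registry keys used for the "Checks computer location settings" rule are assumptions made for the demo; the sample itself was not analysed here.

```python
import struct

# ---- (a) static check behind the "UPX packed file" signature --------------

def pe_section_names(data):
    """Return the section names of a PE image, or raise ValueError."""
    if data[:2] != b"MZ" or len(data) < 0x40:
        raise ValueError("not an MZ image")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    n_sections = struct.unpack_from("<H", data, pe_off + 6)[0]
    opt_size = struct.unpack_from("<H", data, pe_off + 20)[0]  # SizeOfOptionalHeader
    table = pe_off + 24 + opt_size                             # first IMAGE_SECTION_HEADER
    return [data[table + 40 * i:table + 40 * i + 8].rstrip(b"\0").decode("latin-1")
            for i in range(n_sections)]

def upx_indicators(data):
    """Stock UPX names its sections UPX0/UPX1 and embeds a 'UPX!' marker.
    A modified build may rename sections, so either marker counts; a build
    that strips both defeats this check (section entropy is the next hint)."""
    found = [n for n in pe_section_names(data) if n.upper().startswith("UPX")]
    if b"UPX!" in data:
        found.append("UPX! marker")
    return found

def build_pe(section_names, tail=b""):
    """Constructed, non-runnable PE header with the given section names (demo input)."""
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)      # e_lfanew -> 0x40
    return dos + b"PE\0\0" + coff + sections + tail

# ---- (b) behavioural signatures over a sandbox event trace ------------------

# Where Windows keeps the configured region. Which key the report's
# "Checks computer location settings" rule actually watches is an assumption.
GEO_KEYS = {
    r"hkcu\control panel\international\geo\nation",
    r"hkcu\control panel\international\locale",
}

def behaviour_signatures(events):
    """Map file/process/registry events to the report's signature names."""
    hits, dropped = set(), set()
    for ev in events:
        op, path = ev["op"], ev.get("path", "").lower()
        if op == "write":
            dropped.add(path)
            if "\\system32\\drivers\\" in path:
                hits.add("Drops file in Drivers directory")
            if "\\system32\\" in path:          # Drivers sits under System32, so both fire
                hits.add("Drops file in System32 directory")
            if path.rsplit("\\", 1)[-1] == "autorun.inf":
                hits.add("Drops autorun.inf file")
        elif op == "exec" and path in dropped and path.endswith(".exe"):
            hits.add("Executes dropped EXE")
        elif op == "load" and path in dropped and path.endswith(".dll"):
            hits.add("Loads dropped DLL")
        elif op == "regquery" and ev.get("key", "").lower() in GEO_KEYS:
            hits.add("Checks computer location settings")
    return hits

# Constructed trace in the shape a sandbox would log; not the sample's real behaviour.
SAMPLE_TRACE = [
    {"op": "regquery", "key": r"HKCU\Control Panel\International\Geo\Nation"},
    {"op": "write", "path": r"C:\Windows\System32\drivers\example.sys"},
    {"op": "write", "path": r"C:\Windows\System32\example.dll"},
    {"op": "write", "path": r"C:\Users\Public\example.exe"},
    {"op": "write", "path": r"E:\autorun.inf"},
    {"op": "load", "path": r"C:\Windows\System32\example.dll"},
    {"op": "exec", "path": r"C:\Users\Public\example.exe"},
]

if __name__ == "__main__":
    print("UPX indicators:", upx_indicators(build_pe(["UPX0", "UPX1", ".rsrc"])))
    for sig in sorted(behaviour_signatures(SAMPLE_TRACE)):
        print("*", sig)
```

The static half only reads the section table, so it never maps or executes the file; the behavioural half keys "Executes dropped EXE" and "Loads dropped DLL" on the set of paths the process itself wrote, which is what separates a dropper from a program that merely runs system binaries.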