Overview

overview

8

Static

static

8

9c60ae6f28...84.exe

windows7-x64

8

9c60ae6f28...84.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    9c60ae6f288ea6a63a4d7ae841240ec2a87d5976e0a5d02facf1b3e772b9b584

  • Size

    516KB

  • Sample

    221201-mlpwbsaa95

  • MD5

    62110de01beafbb8d18e47798fc4449a

  • SHA1

    91f7706416159cffb921e943366f4d18f5880a77

  • SHA256

    9c60ae6f288ea6a63a4d7ae841240ec2a87d5976e0a5d02facf1b3e772b9b584

  • SHA512

    f8e897fbd77251cc4428f1088e129aef19df3597e2062e189597b89eeb4d3fb72d53ab795d2ddd2f2b4eeefd7e27ebb69c683c90f23e9cc9f5b1f467f6e63446

  • SSDEEP

    12288:2TVxkBYPKQFmWQdAFLp+zfSKqtRBXyINjCWm1kx+SMJutx+:2EBYPKjWQAUrSKqtTzNl3+SKutx

Score
8/10
upxvmprotect

Malware Config

Targets

    • Target

      9c60ae6f288ea6a63a4d7ae841240ec2a87d5976e0a5d02facf1b3e772b9b584

    • Size

      516KB

    • MD5

      62110de01beafbb8d18e47798fc4449a

    • SHA1

      91f7706416159cffb921e943366f4d18f5880a77

    • SHA256

      9c60ae6f288ea6a63a4d7ae841240ec2a87d5976e0a5d02facf1b3e772b9b584

    • SHA512

      f8e897fbd77251cc4428f1088e129aef19df3597e2062e189597b89eeb4d3fb72d53ab795d2ddd2f2b4eeefd7e27ebb69c683c90f23e9cc9f5b1f467f6e63446

    • SSDEEP

      12288:2TVxkBYPKQFmWQdAFLp+zfSKqtRBXyINjCWm1kx+SMJutx+:2EBYPKjWQAUrSKqtTzNl3+SKutx

    Score
    8/10
    upxvmprotect

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks