General

  • Target

    8496ac1c9e019094d362cce98f500ea401e6c677bce0bff79880695b3fb70746

  • Size

    22KB

  • Sample

    221202-xwajhaee64

  • MD5

    cf6dee22f21bb92e6532efa366013f0e

  • SHA1

    3739554919ac64ab2be2eb06e34ce8118ac4cd26

  • SHA256

    8496ac1c9e019094d362cce98f500ea401e6c677bce0bff79880695b3fb70746

  • SHA512

    24f0deb8e9701c5dde8c76d39bf9428c95b954e9fcf4ba31a5be6a64a126b9fd4901363801ac39958dab983386803e0d5d36081db75b1298a807fe5cd1569936

  • SSDEEP

    384:WjqzhMhpcxxXjyjyRE2s2XdRgFZQDNveFfhh89eLOBAD4MSb:WjKhYpexOcE2s20gve/h898OKHU

Score
9/10
upx

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Drops file in System32 directory
