Overview

overview

8

Static

static

8

baa8b0e7b6...d2.exe

windows7-x64

8

baa8b0e7b6...d2.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    baa8b0e7b65e990b9caf3861100ecdbca2d92a2e660e2b7461cd83bc8bf72bd2

  • Size

    220KB

  • Sample

    221203-by1mtadc44

  • MD5

    6d575e2b2085a08b5fea5df2150d6b72

  • SHA1

    9c66c7bc798b327ac99f6baec07c4a8bc5939de2

  • SHA256

    baa8b0e7b65e990b9caf3861100ecdbca2d92a2e660e2b7461cd83bc8bf72bd2

  • SHA512

    b4f527ef670d32c9c9d9133aa3558746528542f7f118a07d9536892872b17d4680e00dee5051b939f6fdb20f82adb7ee10cc272cd63e9d891f706ee0c3f01911

  • SSDEEP

    6144:WBbIlDMskSTJr1My5deF/pnWBSoh138n6gj1rV:4qMstrJ8n6O1rV

Score
8/10
evasiontrojanupx

Malware Config

Targets

    • Target

      baa8b0e7b65e990b9caf3861100ecdbca2d92a2e660e2b7461cd83bc8bf72bd2

    • Size

      220KB

    • MD5

      6d575e2b2085a08b5fea5df2150d6b72

    • SHA1

      9c66c7bc798b327ac99f6baec07c4a8bc5939de2

    • SHA256

      baa8b0e7b65e990b9caf3861100ecdbca2d92a2e660e2b7461cd83bc8bf72bd2

    • SHA512

      b4f527ef670d32c9c9d9133aa3558746528542f7f118a07d9536892872b17d4680e00dee5051b939f6fdb20f82adb7ee10cc272cd63e9d891f706ee0c3f01911

    • SSDEEP

      6144:WBbIlDMskSTJr1My5deF/pnWBSoh138n6gj1rV:4qMstrJ8n6O1rV

    Score
    8/10
    evasiontrojanupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks