Overview

overview

8

Static

static

8

8849ec2803...7d.exe

windows7-x64

8

8849ec2803...7d.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8849ec2803d8ff9bc1dad3148efb8a0033a29558d5140d53007d28226e99307d

  • Size

    56KB

  • Sample

    221203-vn8efsdd2x

  • MD5

    84b2b0d5fbcf7cfb67651107ed06dce8

  • SHA1

    3fa7799851207d739381c7450d70018890bcfa6d

  • SHA256

    8849ec2803d8ff9bc1dad3148efb8a0033a29558d5140d53007d28226e99307d

  • SHA512

    4130be668610b979a918922ac3eb5185bae7ba94b7d3da9a8a0b65b8ffb9c6cfb243fc88e499fc74d06958d07b1229b03ecd02041fba38da3631aa39ba6cfa6c

  • SSDEEP

    768:YkOoNQRx7W32mLBtBTdiR8bVSnMQS7qoZkXdWHKCH+qRKv+YfTa8Ua0x:YUKRx3mttdd72o7quUYqCH1a+AFU1x

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      8849ec2803d8ff9bc1dad3148efb8a0033a29558d5140d53007d28226e99307d

    • Size

      56KB

    • MD5

      84b2b0d5fbcf7cfb67651107ed06dce8

    • SHA1

      3fa7799851207d739381c7450d70018890bcfa6d

    • SHA256

      8849ec2803d8ff9bc1dad3148efb8a0033a29558d5140d53007d28226e99307d

    • SHA512

      4130be668610b979a918922ac3eb5185bae7ba94b7d3da9a8a0b65b8ffb9c6cfb243fc88e499fc74d06958d07b1229b03ecd02041fba38da3631aa39ba6cfa6c

    • SSDEEP

      768:YkOoNQRx7W32mLBtBTdiR8bVSnMQS7qoZkXdWHKCH+qRKv+YfTa8Ua0x:YUKRx3mttdd72o7quUYqCH1a+AFU1x

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks