Overview

overview

8

Static

static

8

d027a30847...01.exe

windows7-x64

8

d027a30847...01.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d027a308475fb8d983c7aa79d01d8c381a1a3f019aeefd0b11293a857e048e01

  • Size

    566KB

  • Sample

    221204-d1zveace74

  • MD5

    3bd44394083b4f4e599c41d4a14d0735

  • SHA1

    651211307cdef8df10bca5cbdd70f7b0022f5e4a

  • SHA256

    d027a308475fb8d983c7aa79d01d8c381a1a3f019aeefd0b11293a857e048e01

  • SHA512

    03358016bf05878a59f8d451081321e7a89c86d14f274bb539c744fafa68e19d819ee4bf69fa2dc8931944d59adf8ecedeb2aa0a2e3111430daf1d61272b4a27

  • SSDEEP

    12288:O4dMRU/UP4heFjLDFtYDoS9UXZRY49SA7GI/p7a6o2Mhi9NhpJt:/wU/UwhWvLXZpSRSJo2xPpJt

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      d027a308475fb8d983c7aa79d01d8c381a1a3f019aeefd0b11293a857e048e01

    • Size

      566KB

    • MD5

      3bd44394083b4f4e599c41d4a14d0735

    • SHA1

      651211307cdef8df10bca5cbdd70f7b0022f5e4a

    • SHA256

      d027a308475fb8d983c7aa79d01d8c381a1a3f019aeefd0b11293a857e048e01

    • SHA512

      03358016bf05878a59f8d451081321e7a89c86d14f274bb539c744fafa68e19d819ee4bf69fa2dc8931944d59adf8ecedeb2aa0a2e3111430daf1d61272b4a27

    • SSDEEP

      12288:O4dMRU/UP4heFjLDFtYDoS9UXZRY49SA7GI/p7a6o2Mhi9NhpJt:/wU/UwhWvLXZpSRSJo2xPpJt

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks