General

  • Target

    f0546b3ff09bea4b1a3cb26b11136a3388a217920163b374f48bff1b8713661f

  • Size

    545KB

  • Sample

    221204-h5bqlagd63

  • MD5

    ceaf4e60f927a7e2096803904ff354dc

  • SHA1

    90b4df8884b76d67db41403d2c66a67f69c26091

  • SHA256

    f0546b3ff09bea4b1a3cb26b11136a3388a217920163b374f48bff1b8713661f

  • SHA512

    de2fb4b27d39f96031624f784f4ff6811f0ee7357c033951a815e6124dd439608e83ceb13566d41180c945f63a9e6bd6483408f9532a7ab2f56c3a0e6613000a

  • SSDEEP

    12288:XGgt068RPhxGnKro1xepVyyiwMg1FKCd3EPwSbCJXxEhcWNSraaWh:VS9RPhxGngeFyiwM40PnCJXxEdu3A

Score
8/10
upx

Targets

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory
