General

  • Target

    daeef846c015cf82c40415ae410935cdb6f0f3e8f79aaa6d7ed8783a10614562

  • Size

    304KB

  • Sample

    221204-ryctragg28

  • MD5

    f1e2d367c882743bebe8ded342cc96ef

  • SHA1

    fc539c9ae3c551016972c076ac7e383eba19d39c

  • SHA256

    daeef846c015cf82c40415ae410935cdb6f0f3e8f79aaa6d7ed8783a10614562

  • SHA512

    a4b79212d2cac5ba77d1ed9399f19cd34cca702d4397430cdb26589ebe11fdaf1e82cb033849ba12103d6a806f6283d1037d1e98db649d122c2dc4748e02a889

  • SSDEEP

    3072:AfUCvhQ/LMe3gBk3Ol9x4CuSqhAp08FkGRnNrdf45AjqKnoeaw:aUm6QeQHlvKhAp081nNVjqKoe
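Before doing anything with a sample pulled from a feed or a share, confirm it is the file this report describes. The following is an added example (not part of the report or of the sandbox's own tooling) that computes the four hashlib digests listed above in one pass and compares them with the report's values; the report's SSDEEP value is left out because fuzzy hashing needs the separate ssdeep library. The digest names and the size tolerance are the author's choices.

```python
import hashlib
import io

# Digests copied from the report above (SSDEEP omitted: it is not a hashlib digest).
REPORT_DIGESTS = {
    "md5": "f1e2d367c882743bebe8ded342cc96ef",
    "sha1": "fc539c9ae3c551016972c076ac7e383eba19d39c",
    "sha256": "daeef846c015cf82c40415ae410935cdb6f0f3e8f79aaa6d7ed8783a10614562",
    "sha512": "a4b79212d2cac5ba77d1ed9399f19cd34cca702d4397430cdb26589ebe11fdaf"
              "1e82cb033849ba12103d6a806f6283d1037d1e98db649d122c2dc4748e02a889",
}
REPORT_SIZE_KB = 304  # the report rounds the size to whole KB


def digest_all(stream, chunk_size=1 << 16):
    """Compute MD5, SHA-1, SHA-256 and SHA-512 in a single pass over a binary stream.

    Returns (digests, size) where digests maps name -> lowercase hex string.
    """
    hashers = {name: hashlib.new(name) for name in REPORT_DIGESTS}
    size = 0
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        size += len(chunk)
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}, size


def digest_bytes(data):
    """Convenience wrapper for in-memory data (used by the test fixture)."""
    return digest_all(io.BytesIO(data))


def compare_digests(found, expected):
    """Return (matched, mismatched) digest names; comparison is case-insensitive."""
    matched = [n for n in expected if found.get(n, "").lower() == expected[n].lower()]
    mismatched = [n for n in expected if n not in matched]
    return matched, mismatched


def size_matches(size_bytes, reported_kb=REPORT_SIZE_KB, tolerance_kb=1):
    """Sandbox reports round to whole KB, so accept anything within the tolerance."""
    return abs(size_bytes / 1024 - reported_kb) <= tolerance_kb


def verify_sample_file(path, expected=REPORT_DIGESTS):
    """Hash a file on disk and report which of the expected digests it matches."""
    with open(path, "rb") as f:
        found, size = digest_all(f)
    matched, mismatched = compare_digests(found, expected)
    return {"matched": matched, "mismatched": mismatched,
            "size_ok": size_matches(size), "size": size}
```

A partial match cannot happen for an intact file (all four digests cover the same bytes), so any mismatch means you have a different file, not a corrupted one; when cross-referencing older feeds that only list MD5 or SHA-1, treat the SHA-256 as the authoritative identifier.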

Score
8/10

Malware Config

Targets

    Score
    8/10
    • Executes dropped EXE

      Runs an executable that the sample itself wrote to disk during the analysis.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build. Packing hides the real payload from static scanning, so unpack before reversing.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

      Loads a DLL that the sample itself wrote to disk during the analysis.

    • Adds Run key to start application

      Persistence: writes a value under an HKCU or HKLM Software\Microsoft\Windows\CurrentVersion\Run key so the application is launched at user logon.

    • Suspicious use of SetThreadContext

      Calling SetThreadContext on a thread of another process is a common step in process hollowing and thread hijacking, i.e. code injection.
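The "UPX packed file" signature covers both stock and modified UPX. As an added example (written here, not the sandbox's own detection code), the block below parses the PE section table directly with struct and checks three indicators: the standard UPX0/UPX1 section names, the "UPX!" marker string, and a layout heuristic (a first section with no raw data followed by one that carries the packed code) that still fires when a modified packer has renamed the sections. The build_test_pe fixture constructs a minimal, non-runnable PE image purely so the parser can be exercised offline; the indicator names are the author's.

```python
import struct

UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2", "UPX3"}


def pe_sections(data):
    """Parse the PE section table; return a list of dicts (name, virtual_size, raw_size).

    Only the fields needed by the packer heuristics are decoded. The optional
    header is skipped using SizeOfOptionalHeader, so PE32 and PE32+ both work.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    (_machine, n_sections, _ts, _symtab, _nsyms,
     opt_size, _chars) = struct.unpack_from("<HHIIIHH", data, coff)
    table = coff + 20 + opt_size          # COFF header is 20 bytes
    sections = []
    for i in range(n_sections):
        off = table + i * 40               # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            raise ValueError("truncated section table")
        name, vsize, _va, rsize = struct.unpack_from("<8sIII", data, off)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize,
            "raw_size": rsize,
        })
    return sections


def upx_indicators(data):
    """Return the UPX-style packing indicators found (empty list means none)."""
    sections = pe_sections(data)
    hits = []
    if any(s["name"] in UPX_SECTION_NAMES for s in sections):
        hits.append("upx_section_names")
    if b"UPX!" in data:
        hits.append("upx_magic")
    # Layout heuristic: UPX's first section has no raw data (it is the unpack
    # destination) while the packed payload sits in the second. This survives
    # section renaming by modified UPX builds, but it is a heuristic, not proof.
    if (len(sections) >= 2 and sections[0]["raw_size"] == 0
            and sections[0]["virtual_size"] > 0 and sections[1]["raw_size"] > 0):
        hits.append("empty_first_section")
    return hits


def build_test_pe(section_specs, with_magic=False):
    """Constructed fixture: a minimal, non-runnable PE32 image with the given
    (name, virtual_size, raw_size) sections, used only to exercise the parser."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)          # e_lfanew: PE header follows DOS header
    opt = bytearray(224)                            # PE32 optional header size
    struct.pack_into("<H", opt, 0, 0x10B)           # Magic = PE32
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_specs), 0, 0, 0, len(opt), 0x0102)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode("ascii").ljust(8, b"\0"),
                    vsize, 0x1000 * (i + 1), rsize, 0, 0, 0, 0, 0, 0x60000020)
        for i, (name, vsize, rsize) in enumerate(section_specs))
    image = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table
    if with_magic:
        image += b"UPX!"
    return image
```

Run upx_indicators over the file bytes; a hit on the section names or the marker is strong evidence of stock UPX, while "empty_first_section" alone only says the layout looks like a packer and should be confirmed by unpacking or by entropy of the second section.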

MITRE ATT&CK Enterprise v6

Tasks