General

  • Target

    9e1e40c01cdcd78ee32950c383db60b32bc65169e8f570420a335123aaa3b49f

  • Size

    112KB

  • Sample

    221205-2xdprseg76

  • MD5

    64a844ed1f6550098e89df3fbb76277a

  • SHA1

    d8cf8e1182146bd1ac44404f3e348eedb5df2590

  • SHA256

    9e1e40c01cdcd78ee32950c383db60b32bc65169e8f570420a335123aaa3b49f

  • SHA512

    06f89ded701a43038b0c3bb3869a7388818ae46905a107e08765517965af63b927b6287639051136ef20ed991b658c6529d30698f40f849d3d2dcc20b5fd26d4

  • SSDEEP

    3072:6mi+/dgy5Ef8doutaZZYCajVJ4n27cqcjM:6tSEf+oSaR6PW27ej

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6