General

  • Target

    c1d593354817c25cbb37e30b36951869931ecd97ab8153afa33901bd8c27620b

  • Size

    97KB

  • Sample

    221205-hm497aef99

  • MD5

    92529a7bcbffa04b870af61d2e4e9310

  • SHA1

    1056b469e9bdf85b5b301ec695929b078a737b2c

  • SHA256

    c1d593354817c25cbb37e30b36951869931ecd97ab8153afa33901bd8c27620b

  • SHA512

    e78990a043f2e2e7f0277692c77e45ae201a57e88878fe9559f2c692b83cd59f52ed8def47e552d0dedea9263587179c4e4421c41414a83570c03e8ace62bade

  • SSDEEP

    1536:jaUjb5VF5RSQcXlhGE7ySOptiUVl7cct6xoXPPzkYdvwByw+ymW:+Un5VF5kQwleSsl4Mz7kYd03+yz

Score
8/10

Targets

    • Blocklisted process makes network request

    • Sets DLL path for service in the registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL
