Overview

overview

9

Static

static

1

ddab3f303c...50.exe

windows7-x64

9

ddab3f303c...50.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ddab3f303c73af5d177f3184460bf252086070d4903b5a2e62d10d7d2746ca50

  • Size

    672KB

  • Sample

    221205-hteywabc9y

  • MD5

    fabb7f9d68af13cf3d1b7ef960de873b

  • SHA1

    c85c35e4bc3d31df0b01e1cc7aa853fa267f5ff9

  • SHA256

    ddab3f303c73af5d177f3184460bf252086070d4903b5a2e62d10d7d2746ca50

  • SHA512

    3389dfc6c7c9d3f39568c73b304c25ee3a9535ce953b331e01a91eac17176e2ed87c0e856994c4a4aede6705b980bef72c34be09e7a53dfe4c2990bf8540c0f5

  • SSDEEP

    12288:3p55AjS3kgycFN2HCUU5n7n8qxGupT4gPw9dWl73VELvUZeN9:3pvAjSYniUg8qxLqgPw9Ul7lQvoE9

Score
9/10
upx

Malware Config

Targets

    • Target

      ddab3f303c73af5d177f3184460bf252086070d4903b5a2e62d10d7d2746ca50

    • Size

      672KB

    • MD5

      fabb7f9d68af13cf3d1b7ef960de873b

    • SHA1

      c85c35e4bc3d31df0b01e1cc7aa853fa267f5ff9

    • SHA256

      ddab3f303c73af5d177f3184460bf252086070d4903b5a2e62d10d7d2746ca50

    • SHA512

      3389dfc6c7c9d3f39568c73b304c25ee3a9535ce953b331e01a91eac17176e2ed87c0e856994c4a4aede6705b980bef72c34be09e7a53dfe4c2990bf8540c0f5

    • SSDEEP

      12288:3p55AjS3kgycFN2HCUU5n7n8qxGupT4gPw9dWl73VELvUZeN9:3pvAjSYniUg8qxLqgPw9Ul7lQvoE9

    Score
    9/10
    upx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks