General

  • Target

    b2797a6c55267e3ca1743767c8ee95a13f262f013cb90ea9ffc0869358ce88b2

  • Size

    26KB

  • Sample

    221206-1a82qahc51

  • MD5

    fb8404128eb95187e46854b366b4cef7

  • SHA1

    9bdd8edd6d6ca2f240ba0aeff50edd72e193811b

  • SHA256

    b2797a6c55267e3ca1743767c8ee95a13f262f013cb90ea9ffc0869358ce88b2

  • SHA512

    65cd1ec3bcf1586a3bc85b65df537a6501e58235da75abb736688836e2ef3e4867420e94cee86ce88043b8b013f639b48a01b600b52899cb741d7bc5aa335d69

  • SSDEEP

    384:cCyzkscPVcdw5wpcRFQ5LLcE17W4lbKwEtezeDLGFI7pMbGMLwBfK+D5NWUDSnwB:cCGXewOQ5LL3o4lbznFaAgxpNpRB

Score
9/10

Malware Config

Targets

    • Target

      b2797a6c55267e3ca1743767c8ee95a13f262f013cb90ea9ffc0869358ce88b2

    Score
    8/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies WinLogon

MITRE ATT&CK Enterprise v6

Tasks