b20ec2bdfe468de9606dfa4276ade6bb95fad9b903b0ab1537c496e60ad8cdb4 | Triage

Submit
Reports

Overview

overview

8

Static

static

b20ec2bdfe...b4.exe

windows7-x64

3

b20ec2bdfe...b4.exe

windows10-2004-x64

8

Sharing

General

Target

b20ec2bdfe468de9606dfa4276ade6bb95fad9b903b0ab1537c496e60ad8cdb4
Size

525KB
Sample

221206-3m72asef24
MD5

15f3926bfc62adb777e785feb988e3f0
SHA1

ca297feaedbc08355000cd3c7f2e3b285f6df06f
SHA256

b20ec2bdfe468de9606dfa4276ade6bb95fad9b903b0ab1537c496e60ad8cdb4
SHA512

ec1bb9c9cdc5bc6f19c879050fdd392eafab47b5b5b6b92f4bf3c8a0cf09e025fc8f9317575b7d171f508b6c06945b1cd1fb12c580867f37cd4def4b6d630522
SSDEEP

12288:Si6fW93bu87hmkn+IHxIEAmAmhfWjkE4UQp:Sn6KihhBIfm/J

Score

8^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

b20ec2bdfe468de9606dfa4276ade6bb95fad9b903b0ab1537c496e60ad8cdb4.exe

Resource

win7-20220901-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

b20ec2bdfe468de9606dfa4276ade6bb95fad9b903b0ab1537c496e60ad8cdb4.exe

Resource

win10v2004-20220901-en

persistence upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  b20ec2bdfe468de9606dfa4276ade6bb95fad9b903b0ab1537c496e60ad8cdb4
- Size
  
  525KB
- MD5
  
  15f3926bfc62adb777e785feb988e3f0
- SHA1
  
  ca297feaedbc08355000cd3c7f2e3b285f6df06f
- SHA256
  
  b20ec2bdfe468de9606dfa4276ade6bb95fad9b903b0ab1537c496e60ad8cdb4
- SHA512
  
  ec1bb9c9cdc5bc6f19c879050fdd392eafab47b5b5b6b92f4bf3c8a0cf09e025fc8f9317575b7d171f508b6c06945b1cd1fb12c580867f37cd4def4b6d630522
- SSDEEP
  
  12288:Si6fW93bu87hmkn+IHxIEAmAmhfWjkE4UQp:Sn6KihhBIfm/J
Score

8^/10

persistence upx
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy