General

  • Target

    fd4f23fe7663c749e80783bc08db42647c60907840b742716048ab09f5ffe2bb

  • Size

    275KB

  • Sample

    221206-q1ekpafg3y

  • MD5

    0a57be75d094422e5af61fd616c3e304

  • SHA1

    7f20f0b150593d1ab6559332c41bae72bc7fcdb0

  • SHA256

    fd4f23fe7663c749e80783bc08db42647c60907840b742716048ab09f5ffe2bb

  • SHA512

    1dd4feced04ad213a2490342b43907e5da1a45474dcb71ed11533e8adcfeb2cb86b4c8fd2b85696128678408f555b82ef533b01fbc23c7fb3ed6ec6ec8232fc1

  • SSDEEP

    6144:f9uWL0gh/mIHFDPi+5J9pS1LZGP72YHUtLFN0SN:f9tL0gh/mMFDR0xZGPNUaSN

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with the ACProtect packer (versions 1.3x to 1.4x).

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer.
