General

  • Target

    b7941449f27afa06d711f27dcc8a84cee5c01ca527d6b739359eab6e403941d2

  • Size

    494KB

  • Sample

    221206-r4w5ksbb5s

  • MD5

    2654cef31047b4f4cce31abc4350e3bb

  • SHA1

    c46622ba00943d0419d23862b2cf785dafeb9c4b

  • SHA256

    b7941449f27afa06d711f27dcc8a84cee5c01ca527d6b739359eab6e403941d2

  • SHA512

    a02e6c015c74e7dc12ae2b224b8c4f52d92f2ea92615381eab2fc32d530133905dbc3b6be2630d35cfe32cc3432ec46f6b961807f67768d3e49f752c5b77429d

  • SSDEEP

    12288:DDNkFa5fF7RTX979xwJyTW7DsVpCZYyJRTeJSSGL4:DJ+gF1tTyyTW7CpeYQTeJSHL4

Targets

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Accesses Microsoft Outlook profiles

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext
