Overview

overview

8

Static

static

c1451de2af...c9.exe

windows7-x64

8

c1451de2af...c9.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c1451de2afbbdf6c7aec05741f913331000dd7d5d95eee640e71ae6fb01b1dc9

  • Size

    439KB

  • Sample

    221206-tr5bjadb55

  • MD5

    8e21a2293f84c9e15365ac7765c8a7fe

  • SHA1

    3fe6eaea02022ac80820824b9d9a9763847daedf

  • SHA256

    c1451de2afbbdf6c7aec05741f913331000dd7d5d95eee640e71ae6fb01b1dc9

  • SHA512

    de29d4c53e95594adf4e0c8730109050dab41d664911f70626d163dabc87ed9a1815b7800994777215b99890458a1fd2fcad098ae3bafc02c70cdf60d2b53331

  • SSDEEP

    6144:5ZunObR8sVImcyYC5JHz3jzB8kOQIq+3mxkyJIrC+J/pbKvCB23xqy7uXhY7pOKs:WK+mzX/6Y+4hupHQYyqXh6ZyDlgC9

Score
8/10
upx

Malware Config

Targets

    • Target

      c1451de2afbbdf6c7aec05741f913331000dd7d5d95eee640e71ae6fb01b1dc9

    • Size

      439KB

    • MD5

      8e21a2293f84c9e15365ac7765c8a7fe

    • SHA1

      3fe6eaea02022ac80820824b9d9a9763847daedf

    • SHA256

      c1451de2afbbdf6c7aec05741f913331000dd7d5d95eee640e71ae6fb01b1dc9

    • SHA512

      de29d4c53e95594adf4e0c8730109050dab41d664911f70626d163dabc87ed9a1815b7800994777215b99890458a1fd2fcad098ae3bafc02c70cdf60d2b53331

    • SSDEEP

      6144:5ZunObR8sVImcyYC5JHz3jzB8kOQIq+3mxkyJIrC+J/pbKvCB23xqy7uXhY7pOKs:WK+mzX/6Y+4hupHQYyqXh6ZyDlgC9

    Score
    8/10
    upx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks