ce9961d9cf42ae3d375520e12e915b544ede3dca31f4d602c2b829ec4d47872d | Triage

Submit
Reports

Overview

overview

8

Static

static

ce9961d9cf...2d.exe

windows7-x64

ce9961d9cf...2d.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

ce9961d9cf42ae3d375520e12e915b544ede3dca31f4d602c2b829ec4d47872d
Size

124KB
Sample

221206-yacx6sga22
MD5

a46137458203e4098bf75b68b9e9064c
SHA1

c14b9d1fbbf582986b15696ffaaa64d67605aaef
SHA256

ce9961d9cf42ae3d375520e12e915b544ede3dca31f4d602c2b829ec4d47872d
SHA512

675fe276b844c59034af15937da85f7fc5ae63ece394e4c657c830660706edc3594eb80254c47edb984998120bfe86966e6f04d7abd93e7274e9bbea63b54f2a
SSDEEP

1536:TWyDjOy+RmiW0GLJIGJIa4tN5hzVPBm3nYvCPHV2+x0pdLKic8:rOy+RmL0Xn50NSdDc8

Score

8^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

ce9961d9cf42ae3d375520e12e915b544ede3dca31f4d602c2b829ec4d47872d.exe

Resource

win7-20220812-en

persistence upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

ce9961d9cf42ae3d375520e12e915b544ede3dca31f4d602c2b829ec4d47872d.exe

Resource

win10v2004-20220812-en

persistence upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  ce9961d9cf42ae3d375520e12e915b544ede3dca31f4d602c2b829ec4d47872d
- Size
  
  124KB
- MD5
  
  a46137458203e4098bf75b68b9e9064c
- SHA1
  
  c14b9d1fbbf582986b15696ffaaa64d67605aaef
- SHA256
  
  ce9961d9cf42ae3d375520e12e915b544ede3dca31f4d602c2b829ec4d47872d
- SHA512
  
  675fe276b844c59034af15937da85f7fc5ae63ece394e4c657c830660706edc3594eb80254c47edb984998120bfe86966e6f04d7abd93e7274e9bbea63b54f2a
- SSDEEP
  
  1536:TWyDjOy+RmiW0GLJIGJIa4tN5hzVPBm3nYvCPHV2+x0pdLKic8:rOy+RmL0Xn50NSdDc8
Score

8^/10

persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy