Resubmissions

07/03/2023, 19:39

230307-ydewyaba31 8

07/03/2023, 19:36

230307-ya8pvabe76 7

General

  • Target

    202303060202152.bin.zip

  • Size

    2.6MB

  • Sample

    230307-ydewyaba31

  • MD5

    e5d38db516ddd0f65c4655b046f83aba

  • SHA1

    024635190b6b9392bef6e072af97a27a4f3629f2

  • SHA256

    5b1f019244466c05b00977f6775ebca64dc0698cb0c81a1722a8b478e6f7cbbd

  • SHA512

    66a1e496811b0b5ca1cf5ac35aab9b2fb00030ac595d1d152c2a61c2c859889718f43d40ff1ad3c2cbcd0dcf93e2afabceade3d232f0ad7d45bac05d2e60683c

  • SSDEEP

    49152:AGYsMQ51jhlRpp+3OE5JUsyieQm23vK3PxLcWLYxTPkFHUx7zSZPPpTUPTLr:951dlRpo+Ebr3eQLcPxHLYpP4iEPter

Score
8/10
upx
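The "upx" tag above comes from a static check of the PE section table. The following script is an added example, not the sandbox's own signature code: it walks the DOS, PE, COFF and section headers of a PE image with the standard library only, and reports UPX packing from the stock UPX0/UPX1 section names or the "UPX!" marker (a modified UPX build can rename the sections, which is why both are checked). The PE images it classifies are constructed in memory and are not the sample from this report.

```python
"""UPX section-name check for PE files (added example; this is not the
sandbox's own signature code). It builds constructed in-memory PE headers,
one laid out as stock UPX emits it (UPX0/UPX1/.rsrc) and one with a normal
.text/.data/.rsrc layout, and classifies each. Standard library only."""
import struct

# Section names the stock UPX packer writes. A modified UPX build can rename
# them, so the "UPX!" marker is checked as a second, independent indicator.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}
UPX_MAGIC = b"UPX!"


def section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4                        # IMAGE_FILE_HEADER, 20 bytes
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_of_optional       # IMAGE_SECTION_HEADER[], 40 bytes each
    names = []
    for i in range(num_sections):
        entry = data[table + 40 * i: table + 40 * i + 8]
        if len(entry) < 8:
            raise ValueError("truncated section table")
        names.append(entry.rstrip(b"\0"))
    return names


def upx_indicators(data: bytes) -> dict:
    """Both UPX indicators plus the raw section list, for the analyst's notes."""
    names = section_names(data)
    return {
        "upx_sections": any(n in UPX_SECTION_NAMES for n in names),
        "upx_magic": UPX_MAGIC in data,
        "sections": names,
    }


def classify(data: bytes) -> str:
    """'upx' if either indicator fires, 'pe' for an unpacked PE, 'not-pe' otherwise."""
    try:
        ind = upx_indicators(data)
    except ValueError:
        return "not-pe"
    return "upx" if ind["upx_sections"] or ind["upx_magic"] else "pe"


def build_pe(names, magic: bool = False) -> bytes:
    """Constructed PE32 header and section table: no code, just enough to parse."""
    e_lfanew = 0x80
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    size_of_optional = 0xE0                    # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, len(names), 0, 0, 0, size_of_optional, 0x0102)
    optional = bytearray(size_of_optional)
    struct.pack_into("<H", optional, 0, 0x10B)  # PE32 magic
    sections = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in names)
    image = bytes(dos) + b"PE\0\0" + coff + bytes(optional) + sections
    return image + (UPX_MAGIC if magic else b"")


if __name__ == "__main__":
    for label, img in (("stock upx", build_pe([b"UPX0", b"UPX1", b".rsrc"])),
                       ("renamed sections, marker kept", build_pe([b".text", b".data"], magic=True)),
                       ("plain", build_pe([b".text", b".data", b".rsrc"]))):
        print(label, "->", classify(img), upx_indicators(img)["sections"])
```

Neither indicator proves anything on its own: a packer that renames the sections and strips the marker passes both checks, and a benign installer built with UPX fails them. Use the result as one input to the score, the way the report does, not as a verdict.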

Malware Config

Targets

    • Target

      202303060202152.bin

    • Size

      3.5MB

    • MD5

      3b4ab4203a31d3599445aa07e5734a46

    • SHA1

      abfb81229c3295584a80b7f840ed6705605ccbf1

    • SHA256

      9cb5e5a87d2dd89e237b75351840c574b38df763ca5345baeaa3d7b1884ac8dd

    • SHA512

      d1722557b1f34f7cd01d528533e44f33f7bd1a1bf0628fb5185a6165b6c80e7a345a49e0eeaedff926c1e21c82387f7879c24b25a0485273e94387aa8e9ea41f

    • SSDEEP

      49152:omSwlEgEB7+1mMOFlY/0bO5vGbAY4GPx/7JQ5okCkPSu:omhEgcy0HO5vGbAY4GhNi5xP

    Score
    8/10
    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence check that decides whether to run based on the victim's locale.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      The executable is packed with UPX or a modified build of the open-source UPX packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Calls NtSetInformationThread with the ThreadHideFromDebugger information class (0x11), which stops the thread from delivering debug events; a common anti-debugging technique.
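The behavioural signatures above are matched against the API calls the sandbox hooks while the sample runs. The following script is an added example of that matching logic, not the sandbox's own signature code: it runs a small rule set over a constructed API trace (events invented for this example, not taken from the report) and fires the same signature names the report lists. The API name sets and the registry-path fragment used for the geofence rule are assumptions.

```python
"""Behavioural signature matching over a constructed API trace (added example;
not the sandbox's own signature code). Each event is one hooked call as a
dict; the trace is constructed so every dynamic signature from the report
fires once, plus a benign NtSetInformationThread call that must not fire."""

# ThreadInformationClass value for ThreadHideFromDebugger in NtSetInformationThread.
THREAD_HIDE_FROM_DEBUGGER = 0x11
# Registry paths a geofence check reads for the configured country (assumed list).
GEO_KEY_FRAGMENTS = (r"control panel\international",)

# API name sets are assumptions about what a hook layer would record.
DOWNLOAD_APIS = {"InternetReadFile", "WinHttpReadData", "recv"}
WRITE_APIS = {"NtWriteFile", "WriteFile"}
EXEC_APIS = {"CreateProcessW", "CreateProcessA", "ShellExecuteExW"}
LOAD_APIS = {"LoadLibraryW", "LoadLibraryA", "LoadLibraryExW", "LdrLoadDll"}

TRACE = [  # constructed events, not from the report
    {"pid": 1200, "api": "InternetReadFile", "data_prefix": b"MZ\x90\x00\x03"},
    {"pid": 1200, "api": "NtWriteFile", "path": r"C:\Users\Public\update.exe"},
    {"pid": 1200, "api": "NtWriteFile", "path": r"C:\Users\Public\helper.dll"},
    {"pid": 1200, "api": "RegQueryValueExW",
     "key": r"HKEY_CURRENT_USER\Control Panel\International\Geo", "value": "Nation"},
    {"pid": 1200, "api": "CreateProcessW", "path": r"C:\Users\Public\UPDATE.EXE"},
    {"pid": 1316, "api": "LoadLibraryW", "path": r"C:\Users\Public\helper.dll"},
    {"pid": 1316, "api": "NtSetInformationThread", "thread_information_class": 0x11},
    {"pid": 1316, "api": "NtSetInformationThread", "thread_information_class": 0x02},  # ThreadPriority, benign
]


def match_signatures(trace):
    """Return {signature name: [event index, ...]} for the events that fired."""
    hits = {}
    dropped = set()  # paths written during this run, lower-cased for comparison

    def fire(name, idx):
        hits.setdefault(name, []).append(idx)

    for idx, ev in enumerate(trace):
        api = ev["api"]
        path = ev.get("path", "").lower()
        if api in DOWNLOAD_APIS and ev.get("data_prefix", b"").startswith(b"MZ"):
            fire("Downloads MZ/PE file", idx)
        elif api in WRITE_APIS and path:
            dropped.add(path)            # remember what the sample wrote to disk
        elif api in EXEC_APIS and path in dropped:
            fire("Executes dropped EXE", idx)
        elif api in LOAD_APIS and path in dropped:
            fire("Loads dropped DLL", idx)
        elif api.startswith("RegQueryValueEx") and any(
                frag in ev.get("key", "").lower() for frag in GEO_KEY_FRAGMENTS):
            fire("Checks computer location settings", idx)
        elif (api == "NtSetInformationThread"
              and ev.get("thread_information_class") == THREAD_HIDE_FROM_DEBUGGER):
            fire("Suspicious use of NtSetInformationThreadHideFromDebugger", idx)
    return hits


if __name__ == "__main__":
    for name, idxs in match_signatures(TRACE).items():
        print(f"{name}: events {idxs}")
```

The "dropped" rules only fire for files the same run wrote first, which is what separates "executes dropped EXE" from an ordinary process launch. A production hook layer keys that bookkeeping on file handles rather than path strings, and case-folds paths the way NTFS does, which is why the constructed trace launches UPDATE.EXE in upper case.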

MITRE ATT&CK Enterprise v6

Tasks