General

  • Target

    Clip1.exe

  • Size

    7.7MB

  • Sample

    230322-egr6wsef93

  • MD5

    fa0e319484845c1333e5c1e621659027

  • SHA1

    16c33976ef8a5aa1114f2bef9feea5007fa7491e

  • SHA256

    d3d00022e02c57c638d7738e661be715aa74866d8b7495e74b72e0c0f75695dd

  • SHA512

    a9769f0568ea6a05303e2eed6c93b7fab2dda8e9ae6d7d398270b0ef5c9b74884e84842c7b9566f38f772a06eee3a40609f8b412ff96544435a0c852ddb3ebed

  • SSDEEP

    196608:zLBJsvAF7+ftEtuzyeXprQ9z2y6EZaAF5XfpXXIBQQ:zLB+vA9ytEtIJXpGzJzQMfpnIB

Score
7/10

Targets

    • Target

      Clip1.exe

    • Size

      7.7MB

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
