General

  • Target

    multihacks.exe

  • Size

    14.1MB

  • Sample

    230323-3ahkwacg8t

  • MD5

    468716922a730360e78ae1ade6002238

  • SHA1

    035e5e52d02bee4f3cb56e1545c598ac7cb84422

  • SHA256

    5ace2b34707f592d4df3756eef784614808e78760f31a71b5b249a9e91b2f08b

  • SHA512

    71274529bd7c1be60cbc11f14bf69428fb7937f373665aecdc6ce7088fd093ce04a909ea9b8a72eb073d0f646453c512a839c0a38a2a342d8fb0da22a72bf3df

  • SSDEEP

    393216:xNNl5X5jGindAVparsPrgx+Ru6LoqABtGsipvcWo0McHHuy:35X5RA8UrBQ6Mq27itcgJHOy

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
