General

  • Target

    Balabolka (For Microsoft Azure TTS) - TekVers.rar

  • Size

    21.8MB

  • Sample

    230419-jr73baba5s

  • MD5

    a3fa79d0da8b0511d8b486e5ec702fd1

  • SHA1

    8fe77bc3896cb30fe6cd17944e774b36a29bcfd5

  • SHA256

    32aa4ae7a2132b05722715eb884e39cba74980251a8bb3542513c4f299ff4be4

  • SHA512

    876e4e41e295155121be4643f2584cce0f188598b2b651d6206041b556e395955305033ec2237e3ee0e2434114a9fe3938d7a1b02ab9105b364b1a4d258337ca

  • SSDEEP

    393216:um4ChbqABWeVs2F5Rk86lTzMha45zyD4j/wo4Z9iWwAKkbt71a:Pseyq5Rk15C/yZ9iZNkbja

Targets

    • Target

      Balabolka (For Microsoft Azure TTS) - TekVers/setup.exe

    • Size

      22.2MB

    • MD5

      27f4c66ed3cf63737bc2c3efdc3782ee

    • SHA1

      cf05abd75c64976cde7a17759697f8cefecd0869

    • SHA256

      bda578723de9d1c88941eabf517d2ff96f11edd757a62c25f4d3b70f8c460e50

    • SHA512

      45b0144327ced82f42d071561b37f34d8359cddf045641a282fa88c19a8af39bccc1e525db22e79e94b7d2be76ea69fb4b8c6d0bce9ba823806bc85e82ae0662

    • SSDEEP

      393216:ts/pdGZ5rlMmXd8DA3//6B+I3v/4TIyM6Gej4vkHpFLbY9N5Ez/aXO0Lh:t5rzdwAX6nvO5Mdh8HpFnY7k0zLh

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
