7c3e0935acf498c938f39c22e68c64c06b60c80ab9ed9092cd08d29777e38971 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

7c3e0935ac...71.exe

windows7-x64

7

7c3e0935ac...71.exe

windows10-2004-x64

7

Sharing

General

Target

7c3e0935acf498c938f39c22e68c64c06b60c80ab9ed9092cd08d29777e38971
Size

12.8MB
Sample

230529-m398labd78
MD5

23aeddf11f5d375255dc1cceda9885dd
SHA1

1aecdd9902df654e6064729294d65e025a51e6ba
SHA256

7c3e0935acf498c938f39c22e68c64c06b60c80ab9ed9092cd08d29777e38971
SHA512

d2368e7aeb7f1a9bce1ba81c8a1d655e6c3329e16ae3dfcf18c1570089121b6a77981acf52c4cfe11262379019466683514206812b6a57c5c29217ab2e8494bc
SSDEEP

393216:Th/7ZPGNCBXs7ri7/WVLcXlVDOtceTPmCFu02AYl+ecMZI0B:1/7MNC4ri7/WVMicW5D2AKX+0B

Score

7^/10

aspackv2 upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

7c3e0935acf498c938f39c22e68c64c06b60c80ab9ed9092cd08d29777e38971.exe

Resource

win7-20230220-en

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

7c3e0935acf498c938f39c22e68c64c06b60c80ab9ed9092cd08d29777e38971.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  7c3e0935acf498c938f39c22e68c64c06b60c80ab9ed9092cd08d29777e38971
- Size
  
  12.8MB
- MD5
  
  23aeddf11f5d375255dc1cceda9885dd
- SHA1
  
  1aecdd9902df654e6064729294d65e025a51e6ba
- SHA256
  
  7c3e0935acf498c938f39c22e68c64c06b60c80ab9ed9092cd08d29777e38971
- SHA512
  
  d2368e7aeb7f1a9bce1ba81c8a1d655e6c3329e16ae3dfcf18c1570089121b6a77981acf52c4cfe11262379019466683514206812b6a57c5c29217ab2e8494bc
- SSDEEP
  
  393216:Th/7ZPGNCBXs7ri7/WVLcXlVDOtceTPmCFu02AYl+ecMZI0B:1/7MNC4ri7/WVMicW5D2AKX+0B
Score

7^/10

aspackv2 upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy