General

  • Target

    skype.exe

  • Size

    162KB

  • Sample

    230627-x1mdvsga8v

  • MD5

    9028cb092250ffbd30d680986776f555

  • SHA1

    0370277fdd918ec94b368d8a89306f0c6ae40e82

  • SHA256

    aa3be435b7f2b02f28c0d9c0f4911ddb5603d060760a18c15e43d08b4bfae3eb

  • SHA512

    ade07d85e4af25a7827a7da1f6033b6aea5e9c599e22f95ffc72643aff1857f5387cd018424d0b7cd11cfcd5b663c9f1a1985eeb7b973a1c62038cf4b7bf4fd4

  • SSDEEP

    3072:9VZ/VGS7rN+wF8/noutVa3v7EszT8tmtl1:9V28ofvoSI/HzThtz

Score
8/10

Malware Config

Targets

    • Disables RegEdit via registry modification

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
