Overview

overview

8

Static

static

7

Unconfirme...48.exe

windows7-x64

Resubmissions

23/09/2023, 20:25

230923-y681gsca67 8

23/09/2023, 20:16

230923-y2al5aac5z 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Unconfirmed 226848.exe

  • Size

    2.0MB

  • Sample

    230923-y2al5aac5z

  • MD5

    7177f798d7ec4dc325205fdd9c5fa753

  • SHA1

    accb343313902a997bfa5028fa27da69f0cc820a

  • SHA256

    a914d414ff94b74b685a180608462ff13dcae3586da797c34a0eb1b02dabf828

  • SHA512

    5548a3c96175e9f674c07cb67f59ad800b43766b0e075b1f245b53f924fb024157789e4d6cb6490dc9b70c3015731417863c39d9c41f0eb1a161c5d00925dc50

  • SSDEEP

    49152:2FP13ycDr/sbG33MZ9w+2/+F6dtrYvVOPyUgPq:2T3y/b0H/+F6deGXd

Score
8/10
discoveryevasiontrojanupx

Malware Config

Targets

    • Target

      Unconfirmed 226848.exe

    • Size

      2.0MB

    • MD5

      7177f798d7ec4dc325205fdd9c5fa753

    • SHA1

      accb343313902a997bfa5028fa27da69f0cc820a

    • SHA256

      a914d414ff94b74b685a180608462ff13dcae3586da797c34a0eb1b02dabf828

    • SHA512

      5548a3c96175e9f674c07cb67f59ad800b43766b0e075b1f245b53f924fb024157789e4d6cb6490dc9b70c3015731417863c39d9c41f0eb1a161c5d00925dc50

    • SSDEEP

      49152:2FP13ycDr/sbG33MZ9w+2/+F6dtrYvVOPyUgPq:2T3y/b0H/+F6deGXd

    Score
    8/10
    discoveryevasiontrojanupx

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Checks whether UAC is enabled

      evasiontrojan

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks