Overview

overview

8

Static

static

3

StarX.exe

windows10-1703-x64

8

StarX.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    StarX.exe

  • Size

    52KB

  • Sample

    230923-z91c7aae4v

  • MD5

    9e7c9bb992e37e63eaedbcb1c7e0df9c

  • SHA1

    042d1051b07b8f0631223499cf0d72a612110e6c

  • SHA256

    c346225d27dd7d5a504cc6e517485b10de8e54cee73840eca31f94d3d036e06e

  • SHA512

    5116e82484409b2b6888931c765adf06c78365d5ea4d0f61690a4ed5a6c0d3febb44ab79039236f9ae5ce300e0d860f89a463cf2e6d0da6ee0ceb1c1efa5ee71

  • SSDEEP

    1536:4wywEu6xc5sCq0cPRQRV7RZA6ngn6/SZz:4hu9tc09ngn6/SZz

Score
8/10
evasion

Malware Config

Targets

    • Target

      StarX.exe

    • Size

      52KB

    • MD5

      9e7c9bb992e37e63eaedbcb1c7e0df9c

    • SHA1

      042d1051b07b8f0631223499cf0d72a612110e6c

    • SHA256

      c346225d27dd7d5a504cc6e517485b10de8e54cee73840eca31f94d3d036e06e

    • SHA512

      5116e82484409b2b6888931c765adf06c78365d5ea4d0f61690a4ed5a6c0d3febb44ab79039236f9ae5ce300e0d860f89a463cf2e6d0da6ee0ceb1c1efa5ee71

    • SSDEEP

      1536:4wywEu6xc5sCq0cPRQRV7RZA6ngn6/SZz:4hu9tc09ngn6/SZz

    Score
    8/10
    evasion

    • Stops running service(s)

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks