General

  • Target: 19870f84b02c76f49219510e6cdf6fb8375325a5a3d4f0afbbd8b88cceb9e878.exe.zip
  • Size: 88.4MB
  • Sample: 231031-rbmqfabb44
  • MD5: d6c71dc9a9404188e8f601eb4b93b400
  • SHA1: 193d390ccd0aaa27493a5b9a0b5914fb324517d2
  • SHA256: c45f3d6e119324a0381903df0d3ad7feafee9affba8f0dc3e2263183e376c313
  • SHA512: 3acb19bffed7948de6aa1d4da568a1c095ab6a67a8dc7e60cc872ca73b00cc775394c54e10916ffdfdc0868fe7e50bbba4fafaa6f2fba55499f2007ff64d253a
  • SSDEEP: 1572864:lkKGllLQgfimXlTziwK3gLDj+gEhMN5Ss3M7c0QUXKpZnLjmz+lcAbCylopU:lElKwFVawK3gbLUMDSp7BKpZnnxGvU

Score: 7/10

Targets

    • Target: 19870f84b02c76f49219510e6cdf6fb8375325a5a3d4f0afbbd8b88cceb9e878.exe
    • Size: 89.5MB
    • MD5: 29b65192dded2499cbfa4da86fff8d63
    • SHA1: 504d4e3a028dfa8b25ace7f7e65e8e50762e2a94
    • SHA256: 19870f84b02c76f49219510e6cdf6fb8375325a5a3d4f0afbbd8b88cceb9e878
    • SHA512: 2e857feef8d67cf5e724f11dd8bbb5d71e8e0d7b6bbb97bfe3390a69a8ec26252489642cb917a97d7476ecad39ea22392fc8374cbf91ae8ed2d7db63a2581d0c
    • SSDEEP: 1572864:GVTlgywHTuSQBem/SSde6JUgdjlROqNnVyizOAkR5TwoDTTwoD5:YTlgBT1jzSLjTOMR6YoDQoD5

    Score: 7/10

    Signatures:

    • Checks computer location settings: looks up the country code configured in the registry, likely a geofence check.
    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file: detects executables packed with the UPX open-source packer or a modified UPX.
    • Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software installed on the system.

MITRE ATT&CK Enterprise v15
