General

  • Target

    Xshell_Setup.exe1

  • Size

    944KB

  • Sample

    231123-k7k36agh67

  • MD5

    ab2145bca4f67305b967261c5bafe65c

  • SHA1

    4e2028a6449f5c210f0e6e06b19843ab84ea2bea

  • SHA256

    14be34894bcd2f3f5a90cbc134e31ece19a2115fef974838b6deb8e9458ec3fd

  • SHA512

    fee4527266064375494da72ffa748c4d91de0666f68e04bee15e0649600310d74ac4fc6b02d0c3d9bb275073c8d62d647fde5cf34a2ce857d1c29c74b8ee4968

  • SSDEEP

    12288:oxm1B2l3PNX++o49vdG4HHuCSs0lRt3v0fqBSiZrNV6PEslb7:JBa3R++XzG4HHufs+tf0fYZZO17

Score
7/10
upx

Malware Config

Targets

    • Target

      Xshell_Setup.exe1

    • Size

      944KB

    • MD5

      ab2145bca4f67305b967261c5bafe65c

    • SHA1

      4e2028a6449f5c210f0e6e06b19843ab84ea2bea

    • SHA256

      14be34894bcd2f3f5a90cbc134e31ece19a2115fef974838b6deb8e9458ec3fd

    • SHA512

      fee4527266064375494da72ffa748c4d91de0666f68e04bee15e0649600310d74ac4fc6b02d0c3d9bb275073c8d62d647fde5cf34a2ce857d1c29c74b8ee4968

    • SSDEEP

      12288:oxm1B2l3PNX++o49vdG4HHuCSs0lRt3v0fqBSiZrNV6PEslb7:JBa3R++XzG4HHufs+tf0fYZZO17

    Score
    7/10
    • Checks computer location settings

      Reads the country code configured in the registry; malware commonly does this to geofence itself, i.e. refuse to run (or behave benignly) in locales the operator wants to avoid. Treat it as a likely geofence, not a confirmed one, until the comparison logic is seen.

    • Executes dropped EXE

    • UPX packed file

      The executable is packed with UPX or a modified build of the open-source UPX packer. Unpack it before static analysis (stock `upx -d` works on an unmodified build; modified headers make it fail and require manual unpacking), and expect the packed file's strings and imports to say little until then.
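    Two checks a practitioner would run before trusting a report like this one: recompute the file's hashes against the values listed above, and confirm the UPX verdict from the PE section table rather than from the sandbox tag alone. The script below is an added example written for this page; it is not part of the report or of the sandbox's own detection code. It embeds a constructed, minimal PE32 image (not the real Xshell_Setup.exe1 sample) so it runs offline; `triage()` accepts any real file's bytes. The section-name prefix `UPX` and the `UPX!` marker are stock UPX conventions, and a renamed or modified build can drop both, so a miss here does not prove the file is unpacked.

```python
"""Offline triage helper: verify a sample's hashes and check for UPX packing.

Added example for this report page, not code from the sandbox. The PE image
built by build_min_pe() is a constructed stand-in, not the analysed sample.
"""
import hashlib
import struct

# Stock UPX names its sections UPX0/UPX1/... and writes a "UPX!" trailer.
# Modified builds may rename both, so absence is weak evidence only.
UPX_SECTION_PREFIX = "UPX"
UPX_MAGIC = b"UPX!"


def hashes(data: bytes) -> dict:
    """Digests in the same set a sandbox report lists."""
    return {algo: hashlib.new(algo, data).hexdigest()
            for algo in ("md5", "sha1", "sha256", "sha512")}


def verify_hashes(data: bytes, expected: dict) -> dict:
    """Return {algo: (expected, actual)} for every listed hash that disagrees."""
    actual = hashes(data)
    return {k: (v, actual[k]) for k, v in expected.items()
            if v.lower() != actual[k]}


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table."""
    if data[:2] != b"MZ" or len(data) < 0x40:
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size          # section headers follow the optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40              # IMAGE_SECTION_HEADER is 40 bytes
        raw = data[off:off + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """True if section names or the trailer marker point at stock UPX."""
    try:
        names = pe_section_names(data)
    except ValueError:
        return False
    return any(n.startswith(UPX_SECTION_PREFIX) for n in names) or UPX_MAGIC in data


def triage(data: bytes, expected_hashes: dict) -> dict:
    """Combine both checks into one verdict dict for a sample's bytes."""
    return {
        "hash_mismatches": verify_hashes(data, expected_hashes),
        "upx_packed": looks_upx_packed(data),
        "sections": pe_section_names(data) if data[:2] == b"MZ" else [],
    }


def build_min_pe(section_names: list) -> bytes:
    """Constructed stand-in: a minimal PE32 image with the given section names."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt = b"\0" * 224                     # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, len(opt), 0x102)
    secs = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + opt + secs


if __name__ == "__main__":
    sample = build_min_pe([b"UPX0", b"UPX1", b".rsrc"])
    # The expected hashes here are computed from the constructed image itself;
    # for a real sample, paste the md5/sha1/sha256 values from the report.
    print(triage(sample, {"md5": hashes(sample)["md5"]}))
```

    On a real download, an empty `hash_mismatches` confirms you have the file the report describes; a non-empty one means a different build or a corrupted copy, and the sandbox verdicts no longer apply to what you hold.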

MITRE ATT&CK Enterprise v15

Tasks