General

  • Target

    00f80f841bce6cca61763706daf6a4f5

  • Size

    236KB

  • Sample

    231229-xh4kesdhcq

  • MD5

    00f80f841bce6cca61763706daf6a4f5

  • SHA1

    28550e751ee3aa0e6e212fec2aa108946057b2c3

  • SHA256

    c64c94a330a2b19899850345834f3be225769f34a3748f9e5b9a1e78f72bf72f

  • SHA512

    c3c5e21071a6e63babd6363af24e63f0ed5011d875a99ddf47068d5aec2af5525fd2823d7f438c45a7408d3a664dfa26d8662ae7770df67282ccd9589794d7d9

  • SSDEEP

    6144:PFMlZvcE6kThJlNqPNGKBa23+wt0Vk++q:NmvQEhDAPoZwt0V3P

Score
7/10
upx

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
