General

  • Target: 196bd30318bc4cf06b07303cc0848d59
  • Size: 579KB
  • Sample: 231230-qb1rmadhck
  • MD5: 196bd30318bc4cf06b07303cc0848d59
  • SHA1: 7fc04b176ed62fd1418992880d316eab6f8c8cb8
  • SHA256: 15b4f96a1583f87b47448119303be07a2662e1b7fd5966ca37e98d109553a350
  • SHA512: 8d0235a8e8996c9203ca42ce4d6eed191edbabc6ef0ebae0dad214b9b4d03488a272b210fa10b183489833b066e094afe79beb32d7404167b5a13806928f9c02
  • SSDEEP: 12288:Ba8tMs/W9YKO89gyTpzBNNFs1VlHXgn9lmpDb5epgKYQFq:BzM4IY/89gwpzBNuVlHXgnjmVKYIq

Score: 7/10
upx

Malware Config

Targets

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks