Overview

overview

8

Static

static

7

1c9c16bfb8...ad.exe

windows7-x64

8

1c9c16bfb8...ad.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    1c9c16bfb83e5f2346fbd8c5e56ef2ad

  • Size

    319KB

  • Sample

    231230-z2payshhcp

  • MD5

    1c9c16bfb83e5f2346fbd8c5e56ef2ad

  • SHA1

    6e8db589970013b61f04db8e225a5f59b6de0fef

  • SHA256

    7ed008eda9b93d362a3e58a3749e57b56bc9ee1fb453a52e0f9b3544929c188d

  • SHA512

    a25f02203975c958c569cc72094af30228f28c4745ba5e65e465fe11b7f098a3ed50b1412dfd09189484e0821ab2571a85500d598c403f6102f1f8956f7adb21

  • SSDEEP

    1536:txft5rxft5rxft5rxft5rxft5rxft5rxft5rxft5rxft5o83PoSQm5fRyB:v15915915915915915915915915pQqy

Score
8/10
upx

Malware Config

Targets

    • Target

      1c9c16bfb83e5f2346fbd8c5e56ef2ad

    • Size

      319KB

    • MD5

      1c9c16bfb83e5f2346fbd8c5e56ef2ad

    • SHA1

      6e8db589970013b61f04db8e225a5f59b6de0fef

    • SHA256

      7ed008eda9b93d362a3e58a3749e57b56bc9ee1fb453a52e0f9b3544929c188d

    • SHA512

      a25f02203975c958c569cc72094af30228f28c4745ba5e65e465fe11b7f098a3ed50b1412dfd09189484e0821ab2571a85500d598c403f6102f1f8956f7adb21

    • SSDEEP

      1536:txft5rxft5rxft5rxft5rxft5rxft5rxft5rxft5rxft5o83PoSQm5fRyB:v15915915915915915915915915pQqy

    Score
    8/10
    upx

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks