General

  • Target

    2c54eaf5f73673f9510f1656ccd08433

  • Size

    416KB

  • Sample

    231231-hnvr5sadhp

  • MD5

    2c54eaf5f73673f9510f1656ccd08433

  • SHA1

    056bf89ee280b1b3a293345a8a44bb7843903c5b

  • SHA256

    dd382b9a694da32c87f6c4e7b62cce3f2e421330f1016781e443a7ddc142e7f7

  • SHA512

    80fe4d48b91fd59c1dbe5a15cec64ee82c7a402cae7750ee984d3be573c1e16a36e52b005787b866c04366117481afd925a50101a32bf2b1bac41a4a8522055a

  • SSDEEP

    6144:b0h3b0nyI44xP+BfJ0Moadp4oGL9wnSkgioJ553a5KV+MzLObSITnUvyklXWF:4h3bMyI44YBHnXM55j+ALO2IuLS

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks