General

  • Target

    295a3200c04e6b754cb530dad1a3ab42c63417ae1dfb2f5e85a60a18f780aa01.zip

  • Size

    958KB

  • Sample

    240102-jnza1adghm

  • MD5

    09b2fda60146d221aa1ad232787fc5c2

  • SHA1

    a2d330f4259748829817e812174e896eaa5c86d4

  • SHA256

    6afdf45c318446f0cc526df3a6246173323321e13e92d3b03f970700fbd16de7

  • SHA512

    fe40b8415c54f386bddc240d06322b886826e42c393c503739dcab530918bffa5e5f80f33f1991e0080e62e054e2d1dd3ddfd34454a77dff3102c2d23b8b34ac

  • SSDEEP

    12288:7sstYHOTh5/Gs4utqZ+vHOB3JrP3921zZBwrzN0GLBqnuoLyLD/Tx4WPv4LmL04F:7AS3u1FpB332ZUrR04To2P/TOrmFpT44

Score
7/10

Malware Config

Targets

    • Target

      295a3200c04e6b754cb530dad1a3ab42c63417ae1dfb2f5e85a60a18f780aa01

    • Size

      991KB

    • MD5

      648f432b41f3bcebc1a599f529055cf0

    • SHA1

      4f471faee4fc4e3780af7df8d62ecade8c923531

    • SHA256

      295a3200c04e6b754cb530dad1a3ab42c63417ae1dfb2f5e85a60a18f780aa01

    • SHA512

      764c7f01c87b104c1d69d5f3f2829bb0628e33ed939c4a1507f96555d2796715228933850260dd6c1b24a9e3b4630dea7ad23556d41c369bf62c96c79dad4013

    • SSDEEP

      24576:TYeLZrJNRfx+YQfF0Fl7JkYJoqsf8KFPbVO/:BVJNRfwYUaZ+ilK/O

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
