General

  • Target

    461a2f653e6aae77864504415632ac05

  • Size

    123KB

  • Sample

    240106-nf2hlsgcf3

  • MD5

    461a2f653e6aae77864504415632ac05

  • SHA1

    b94f9f8b4647063ac14a7545257a3ce0a0149030

  • SHA256

    33ae24ca07faa324260b402466affa5016ba5e9581026624340dc45e34ce6b2b

  • SHA512

    a30988b2731918564bae03062351a640212557ee3aa4742b5937af8e16eb80e1a2f6b32db17667297d3ddefaf1cefeae9df34b7cd49747d48801b1ce12ac3ad2

  • SSDEEP

    3072:OeSQ41MZrrOwzrq5Ss9eYfphfFQkUcot3EpeBWLLGLvC2Q:OVYrJrOSsRwcpQL6b

Score
8/10
upx

Malware Config

Targets

    • Manipulates Digital Signatures

      Attackers can apply techniques such as changing the Authenticode and cryptography registry keys so that their binary is treated as validly signed.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks