6c1ad5aaf74abb724980992dd5bb7f35a4a6911e74bfb46a15291dc6937e78de | Triage

Submit
Reports

Overview

overview

8

Static

static

7

72d1253567...69.exe

windows7-x64

8

72d1253567...69.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

72d1253567013982da303392fa5fdf69
Size

183KB
Sample

240124-xs9jesgbc6
MD5

72d1253567013982da303392fa5fdf69
SHA1

7da9835e7e94a7eb0d3e8bedcc5fba3b6ed07d33
SHA256

6c1ad5aaf74abb724980992dd5bb7f35a4a6911e74bfb46a15291dc6937e78de
SHA512

63af41de3fbc07c29e284ec69b368e5ed2231e3dc5c0fbf5ed9ed5ba9da178aed36833c75e23cbbdd9aa2b7336c407328635f217be900eedf16eea23c30878af
SSDEEP

3072:EamFnQYUM6m3SP2sVSdEnfWZN3cbgonk9sX1qalYuhLJNdjQVVTuP5J85Vi9iqVl:Eazq3aipalYuhoao5sQkz9WS

Score

8^/10

upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

72d1253567013982da303392fa5fdf69.exe

Resource

win7-20231215-en

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

72d1253567013982da303392fa5fdf69.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  72d1253567013982da303392fa5fdf69
- Size
  
  183KB
- MD5
  
  72d1253567013982da303392fa5fdf69
- SHA1
  
  7da9835e7e94a7eb0d3e8bedcc5fba3b6ed07d33
- SHA256
  
  6c1ad5aaf74abb724980992dd5bb7f35a4a6911e74bfb46a15291dc6937e78de
- SHA512
  
  63af41de3fbc07c29e284ec69b368e5ed2231e3dc5c0fbf5ed9ed5ba9da178aed36833c75e23cbbdd9aa2b7336c407328635f217be900eedf16eea23c30878af
- SSDEEP
  
  3072:EamFnQYUM6m3SP2sVSdEnfWZN3cbgonk9sX1qalYuhLJNdjQVVTuP5J85Vi9iqVl:Eazq3aipalYuhoao5sQkz9WS
Score

8^/10

upx
- Manipulates Digital Signatures
  Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy