General

  • Target

    7fb6176d1dbd57c1d55702874e97a83b

  • Size

    20KB

  • Sample

    240129-nfezlsaabk

  • MD5

    7fb6176d1dbd57c1d55702874e97a83b

  • SHA1

    bcd205dee2eee7977a47ab7ec6d551a8fd308464

  • SHA256

    82131599316a533b33f633530adbdfc279afcb3525e0d0629b2663f1f3d57bc7

  • SHA512

    6f1881a5da6fd28b0815ef23ca833d2d879eb3589316e847b5634c3726662e337460059aa8189d91f7a122fa0fa5fa46973a7b26d6f6cff84240c7a812f6c478

  • SSDEEP

    384:NVzX/WM4m6zGAttUDcwu2X1hBlhAK5fZAV0g3LyFoEJr1EN+DQc8rVAp9:3POm2ptmDcwuu/BlhNZVgv4WrVc9

Score
7/10

Targets

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Drops file in System32 directory