20e8d8b408402b2a9210f9da4f22c339416407fe6c1676e9c35f2a81cf464b1d | Triage

Submit
Reports

Overview

overview

7

Static

static

3

8645dabe69...a9.exe

windows7-x64

7

8645dabe69...a9.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

8645dabe69579abb69eaba8111f7d6a9
Size

728KB
Sample

240201-h4ljeagbem
MD5

8645dabe69579abb69eaba8111f7d6a9
SHA1

c13e42e1d639c29ac2ea7b10a42ad8062142eb47
SHA256

20e8d8b408402b2a9210f9da4f22c339416407fe6c1676e9c35f2a81cf464b1d
SHA512

75db436e3be7b1700ceda9498e6b661aa77053a82d03195f337c0f776cf18798cfe810ef1a1e4de71256c04fc10f5a6f2195f50f8cbc97ef9891d0a05d6b6569
SSDEEP

12288:KU9XiuitPrKsq7MHUPapMhTIiDBFvFRGmy5h9WcMZC1zibrf7A:KUdHSPBHGa+hTIiDBFvFwmyX/MU9i8

Score

7^/10

persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8645dabe69579abb69eaba8111f7d6a9.exe

Resource

win7-20231215-en

persistence upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

8645dabe69579abb69eaba8111f7d6a9.exe

Resource

win10v2004-20231222-en

persistence upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  8645dabe69579abb69eaba8111f7d6a9
- Size
  
  728KB
- MD5
  
  8645dabe69579abb69eaba8111f7d6a9
- SHA1
  
  c13e42e1d639c29ac2ea7b10a42ad8062142eb47
- SHA256
  
  20e8d8b408402b2a9210f9da4f22c339416407fe6c1676e9c35f2a81cf464b1d
- SHA512
  
  75db436e3be7b1700ceda9498e6b661aa77053a82d03195f337c0f776cf18798cfe810ef1a1e4de71256c04fc10f5a6f2195f50f8cbc97ef9891d0a05d6b6569
- SSDEEP
  
  12288:KU9XiuitPrKsq7MHUPapMhTIiDBFvFRGmy5h9WcMZC1zibrf7A:KUdHSPBHGa+hTIiDBFvFwmyX/MU9i8
Score

7^/10

persistence upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy