Overview

overview

10

Static

static

10

ScanGuard_Setup.exe

windows7-x64

4

ScanGuard_Setup.exe

windows10-2004-x64

8

Resubmissions

05-03-2024 17:34

240305-v5wrzsdd99 10

05-03-2024 17:25

240305-vzdn8adb99 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ScanGuard_Setup.exe

  • Size

    54.8MB

  • Sample

    240305-vzdn8adb99

  • MD5

    6a341a3120a8e9140076e7f07a14ac00

  • SHA1

    93c3ef60132b89cecd1418efbfc396c7ea6ed513

  • SHA256

    5b4e091f4ff55c2d426ca3ab68714562387fb615b820bb32dd696a150f3330cd

  • SHA512

    e19de3685d2bd55ed67bf35044889eed56b0e02ae408d834df13b72d59b345162166bdc8348f4c01c7d850c14cc1b0b771cf5f92bb3ecd4adef427d860a93a48

  • SSDEEP

    1572864:N4kqcnVXU29JlWMOVqvvIw7ZbN7vF6P0EVAWZZLdwa:bnVXV/lW3Vq3Ikf7vF9Bi9Sa

Score
10/10
blackguarddiscoverypersistenceupx

Malware Config

Targets

    • Target

      ScanGuard_Setup.exe

    • Size

      54.8MB

    • MD5

      6a341a3120a8e9140076e7f07a14ac00

    • SHA1

      93c3ef60132b89cecd1418efbfc396c7ea6ed513

    • SHA256

      5b4e091f4ff55c2d426ca3ab68714562387fb615b820bb32dd696a150f3330cd

    • SHA512

      e19de3685d2bd55ed67bf35044889eed56b0e02ae408d834df13b72d59b345162166bdc8348f4c01c7d850c14cc1b0b771cf5f92bb3ecd4adef427d860a93a48

    • SSDEEP

      1572864:N4kqcnVXU29JlWMOVqvvIw7ZbN7vF6P0EVAWZZLdwa:bnVXV/lW3Vq3Ikf7vF9Bi9Sa

    Score
    8/10
    discoverypersistenceupx

    • Creates new service(s)

      persistence

    • Drops file in Drivers directory

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks