General

  • Target

    b8f3af9de7b3a6bbdf813b87160295a8

  • Size

    297KB

  • Sample

    240307-rsagfaec4x

  • MD5

    b8f3af9de7b3a6bbdf813b87160295a8

  • SHA1

    b92fc9ec19246d62fcb8e4ff4af89fc8ada509e3

  • SHA256

    21817cd11609a602c97437f50b37c037ac8fdf1ab2febbe742d3d271b44f2ab7

  • SHA512

    5edd4aae61af8d7643c6fd4275481eb09bf2218c7ab4e972a540d3b2441f4fb74db37375fdde433a0ccc680df85091cf368d182d044d727d0802f360e655601a

  • SSDEEP

    6144:HTdiRzRz45GumLNGJVUYc8r10tAcKovjEqMeM/xmosN5:zdaOGumLNGoYc85Tc5vjMXB

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
