Overview

overview

8

Static

static

3

d53f5e4e89...8b.exe

windows7-x64

8

d53f5e4e89...8b.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d53f5e4e89f3f23bcd74f2282c432e8b

  • Size

    618KB

  • Sample

    240319-fj4s5sah8w

  • MD5

    d53f5e4e89f3f23bcd74f2282c432e8b

  • SHA1

    60ddf5c7ad41f4a3e6fd99628e2cfdfb0848abb2

  • SHA256

    4a9a590ed83b58c15b4ac8d0da1d8514a847d355d9015f23778d7367505feaea

  • SHA512

    b09effcee450d0b72dcc22c4ec03182478358c0f620d7390c52173a36a794464a133816a8348ea3d5edcbb19ed7c0060edb2e504a360e93a49ac4350e9a020c0

  • SSDEEP

    12288:n9SgJzBppGq9TmNenRv2LK52pZPJ/VH3zI5DKbgJg05F6J:9bRBQxLK52VNzuKbg7a

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      d53f5e4e89f3f23bcd74f2282c432e8b

    • Size

      618KB

    • MD5

      d53f5e4e89f3f23bcd74f2282c432e8b

    • SHA1

      60ddf5c7ad41f4a3e6fd99628e2cfdfb0848abb2

    • SHA256

      4a9a590ed83b58c15b4ac8d0da1d8514a847d355d9015f23778d7367505feaea

    • SHA512

      b09effcee450d0b72dcc22c4ec03182478358c0f620d7390c52173a36a794464a133816a8348ea3d5edcbb19ed7c0060edb2e504a360e93a49ac4350e9a020c0

    • SSDEEP

      12288:n9SgJzBppGq9TmNenRv2LK52pZPJ/VH3zI5DKbgJg05F6J:9bRBQxLK52VNzuKbg7a

    Score
    8/10
    persistenceupx

    • Modifies Installed Components in the registry

      persistence

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks