Overview

overview

9

Static

static

7

d606bb94de...6a.exe

windows7-x64

9

d606bb94de...6a.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d606bb94dec5bd35ba4b7395afe24b6a

  • Size

    746KB

  • Sample

    240319-nvy12abb77

  • MD5

    d606bb94dec5bd35ba4b7395afe24b6a

  • SHA1

    3dd4cbde39ac73d13978074428e8b70e5788f55f

  • SHA256

    e15b025d6233dfd172b51249fd4abbbf648062cfe024a265ce1a7c94289e2e5b

  • SHA512

    98c32467e058c69c7c1d46baf1aa28b6a493a1ed3d4e0922a1b9ac0bfebd0b1047d173efba4b4e9fb0dc592a2f166df2ffcbf40a029ec3a067e990ccb8144dd9

  • SSDEEP

    12288:62BJ6p91Le4PEMxC7Gy9PF8DS1pHBCyQBni+VUO7gklYqte2aFA:lBJEig47GSPzTHBCdVJ/g/+

Score
9/10
evasionupx

Malware Config

Targets

    • Target

      d606bb94dec5bd35ba4b7395afe24b6a

    • Size

      746KB

    • MD5

      d606bb94dec5bd35ba4b7395afe24b6a

    • SHA1

      3dd4cbde39ac73d13978074428e8b70e5788f55f

    • SHA256

      e15b025d6233dfd172b51249fd4abbbf648062cfe024a265ce1a7c94289e2e5b

    • SHA512

      98c32467e058c69c7c1d46baf1aa28b6a493a1ed3d4e0922a1b9ac0bfebd0b1047d173efba4b4e9fb0dc592a2f166df2ffcbf40a029ec3a067e990ccb8144dd9

    • SSDEEP

      12288:62BJ6p91Le4PEMxC7Gy9PF8DS1pHBCyQBni+VUO7gklYqte2aFA:lBJEig47GSPzTHBCdVJ/g/+

    Score
    9/10
    evasionupx

    • Checks for common network interception software

      Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

      evasion

    • Enumerates VirtualBox registry keys

      evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks