General

  • Target

    ffa189b71fccbb29a74a29acb39a0dfe0892f3770fec785d9d82e55bb60addf0

  • Size

    610KB

  • Sample

    240410-jy7p5acc3w

  • MD5

    8a65479b077295d8420430e9f114b6a2

  • SHA1

    887a5cd20db8752b6d55f1a7c8ca2f870cc75bd8

  • SHA256

    ffa189b71fccbb29a74a29acb39a0dfe0892f3770fec785d9d82e55bb60addf0

  • SHA512

    668dbdf1c392b6a59642098d3c2f8d658470f0f760efd59689522b7a6a1537912805fb95889de88c0c8ee0d4cc16858e9e01b1a0a8e552204c4cfd3f852cb12f

  • SSDEEP

    12288:UjAYTQEg3QC0DSCVA0b5fCLaZaO7ruzaxrTo:Usv3Q5D15/N7Kza/o

Malware Config

Targets

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks