419dffb847460fded85e67afa2a5ccca99c92840023d90176a132ff1851f0b15 | Triage

Submit
Reports

Overview

overview

Static

static

419dffb847...15.exe

windows7-x64

9

419dffb847...15.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

419dffb847460fded85e67afa2a5ccca99c92840023d90176a132ff1851f0b15
Size

161KB
Sample

240416-z5zwvsed6t
MD5

eb0dbba575de04386c7381da45818e08
SHA1

a68304663dd3c375a5833eab2963eeceea7d87e5
SHA256

419dffb847460fded85e67afa2a5ccca99c92840023d90176a132ff1851f0b15
SHA512

82c611a1ca3481e9ab04cc77cc957aab4f46e45a4a06cb878febf32850cffbdd5ff677fe6092a35206980627ccbf2c0b14f405070973a8faead239b04b5a42a2
SSDEEP

1536:kVdmQr3Z5IfQmv81aypP1s3yX+tlehTze2:008JOfQm01F9s3yX+fehTB

Score

10^/10

evasion upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

419dffb847460fded85e67afa2a5ccca99c92840023d90176a132ff1851f0b15.exe

Resource

win7-20231129-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

419dffb847460fded85e67afa2a5ccca99c92840023d90176a132ff1851f0b15.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  419dffb847460fded85e67afa2a5ccca99c92840023d90176a132ff1851f0b15
- Size
  
  161KB
- MD5
  
  eb0dbba575de04386c7381da45818e08
- SHA1
  
  a68304663dd3c375a5833eab2963eeceea7d87e5
- SHA256
  
  419dffb847460fded85e67afa2a5ccca99c92840023d90176a132ff1851f0b15
- SHA512
  
  82c611a1ca3481e9ab04cc77cc957aab4f46e45a4a06cb878febf32850cffbdd5ff677fe6092a35206980627ccbf2c0b14f405070973a8faead239b04b5a42a2
- SSDEEP
  
  1536:kVdmQr3Z5IfQmv81aypP1s3yX+tlehTze2:008JOfQm01F9s3yX+fehTB
Score

9^/10

evasion upx
- Detects Windows executables referencing non-Windows User-Agents
- UPX dump on OEP (original entry point)
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy