General

  • Target

    615a74b5cc3d5e34ecfc07d05f025dd2e3bb627d0f14a5d2d53f47a3e1c82d90

  • Size

    554KB

  • Sample

    240421-19qpescd21

  • MD5

    9db4304867f4d1260c3c8634a6781906

  • SHA1

    4f09c473338db61a7867ce9d9ae2b95acb141f36

  • SHA256

    615a74b5cc3d5e34ecfc07d05f025dd2e3bb627d0f14a5d2d53f47a3e1c82d90

  • SHA512

    49051fc04eeb34d83db8a6d602aa223e5218b2655e7554370ce6f4f41e68f0a51acfb3052166e1c2bf487701338332c58419106e5f7f791df1647311d51a6ee4

  • SSDEEP

    12288:1g3HTcCHZ8kNLDO6RLNE6Uvf7/cjPgnh2FmLgF+f8rBjvrEH7P9:m3HTcqZ8kNbLNE6UvbheMgFrRrEH7P9

Score
9/10

Tags
upx

Malware Config

Targets

    • Target

      615a74b5cc3d5e34ecfc07d05f025dd2e3bb627d0f14a5d2d53f47a3e1c82d90

    • Size

      554KB

    • MD5

      9db4304867f4d1260c3c8634a6781906

    • SHA1

      4f09c473338db61a7867ce9d9ae2b95acb141f36

    • SHA256

      615a74b5cc3d5e34ecfc07d05f025dd2e3bb627d0f14a5d2d53f47a3e1c82d90

    • SHA512

      49051fc04eeb34d83db8a6d602aa223e5218b2655e7554370ce6f4f41e68f0a51acfb3052166e1c2bf487701338332c58419106e5f7f791df1647311d51a6ee4

    • SSDEEP

      12288:1g3HTcCHZ8kNLDO6RLNE6Uvf7/cjPgnh2FmLgF+f8rBjvrEH7P9:m3HTcqZ8kNbLNE6UvbheMgFrRrEH7P9

    Score
    9/10
    • UPX dump on OEP (original entry point)

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file packed with the ACProtect software protector (versions 1.3x - 1.4x).

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
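
    A quick offline triage check for two of the indicators above, added here as an example and not part of the sandbox report or its signature code: it recomputes the listed MD5/SHA1/SHA256 values for a file and walks the PE section table by hand (standard library only, no pefile) to flag the UPX0/UPX1 section layout or the "UPX!" pack-header marker that the "UPX packed file" signature keys on. build_fake_pe and the section names it embeds are constructed test input so the script runs without the analysed sample; the REPORT_HASHES values are copied from the report above.

```python
import hashlib
import struct

# Hashes copied from the report above for the 554KB submitted sample.
REPORT_HASHES = {
    "md5": "9db4304867f4d1260c3c8634a6781906",
    "sha1": "4f09c473338db61a7867ce9d9ae2b95acb141f36",
    "sha256": "615a74b5cc3d5e34ecfc07d05f025dd2e3bb627d0f14a5d2d53f47a3e1c82d90",
}

# Section names written by stock UPX builds. A modified UPX can rename them,
# which is why the check below also looks for the "UPX!" pack-header magic.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b"UPX3"}


def pe_section_names(data: bytes) -> list:
    """Walk the PE section table by hand and return each section's name."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    # COFF header: NumberOfSections at +6, SizeOfOptionalHeader at +20.
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    size_opt = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + size_opt
    names = []
    for i in range(num_sections):
        off = table + 40 * i            # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            raise ValueError("truncated section table")
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Heuristic equivalent of the sandbox's 'UPX packed file' signature."""
    names = pe_section_names(data)
    if any(n in UPX_SECTION_NAMES for n in names):
        return True
    # Stock UPX leaves a "UPX!" PackHeader in the file; a rebuilt/modified UPX
    # often strips or renames it, so absence does not prove the file is clean.
    return b"UPX!" in data


def hash_bytes(data: bytes) -> dict:
    """MD5/SHA1/SHA256 of the buffer, the same algorithms the report lists."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_report(data: bytes) -> bool:
    """True if the buffer's SHA256 equals the report's submitted sample."""
    return hash_bytes(data)["sha256"] == REPORT_HASHES["sha256"]


def build_fake_pe(section_names) -> bytes:
    """Constructed minimal PE32 header with the given sections (no real code),
    used only so the example runs offline; it is not the analysed sample."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)        # e_lfanew -> PE header
    size_opt = 0xE0                                 # PE32 optional header size
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(section_names),
                                    0, 0, 0, size_opt, 0x0102)
    opt = struct.pack("<H", 0x10B) + bytes(size_opt - 2)   # PE32 magic 0x10B
    sections = b"".join(n.ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + coff + opt + sections


if __name__ == "__main__":
    import sys
    # Pass a file path to check a real sample; otherwise use the constructed PE.
    path = sys.argv[1] if len(sys.argv) > 1 else None
    data = open(path, "rb").read() if path else build_fake_pe([b"UPX0", b"UPX1", b".rsrc"])
    print("sections:", pe_section_names(data))
    print("upx-like:", looks_upx_packed(data))
    print("hashes:", hash_bytes(data))
    print("matches report SHA256:", matches_report(data))
```

    Treat a section-name hit as a packing hint, not a verdict: the same target also triggers the ACProtect signature, and layered or renamed packers will defeat a name match, so confirm by unpacking (the "UPX dump on OEP" signature above is the sandbox doing exactly that) before trusting static hashes of the inner payload.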

    • Target

      EZMerge.exe

    • Size

      1.0MB

    • MD5

      b838142cd9471b03fb0607b4a22ff358

    • SHA1

      8752ef2df368fe10fc0c03643e003a5fe66fd169

    • SHA256

      772dccc91855b2926092b67905585e7937543b8a4cf25e7533c9c95790d6ee82

    • SHA512

      22cf8787ddb16923c0a41902685a1791b5765b392ea139c47a72b9f4c6f29ed4aac9c4d8e423ffedb444f72c40c9c86c5db043a2ee48586fcd986538ccb09696

    • SSDEEP

      12288:WzL6S1Gjj5WAx1DKHYJYeTtdejdZC+L0aZrnDjtIUj8BIami/g/J/v:WzgjAcOarqZCW0SDjlj8+av/g/J/

    Score
    1/10
    • Target

      travedit.dll

    • Size

      213KB

    • MD5

      799b066426a3dda1086b051ac5bc3006

    • SHA1

      c905cd11eeb15e25c48450a2ce1e5464c870788b

    • SHA256

      24107ef91c777b7ce361f3fd570864d6257b3b9b3d992e46cdeb5c56873469cd

    • SHA512

      289d99c2202306d302f29bc40bb8ac5ceaf70c399ca34a70a5f77401191f6bfde55b7e0e5baddb7bef6ece65fd7243dda73d9dda681502a84ae48124b314495a

    • SSDEEP

      3072:c9fZ7xGnVpCOt/TYge70/b/igviHdSjAuiyxrGYuAQfO+UaC1:idxuCORYgWUv0sAuiyx3uk

    Score
    1/10
    • Target

      troprmediafmt.dll

    • Size

      283KB

    • MD5

      501c00b82842f9dfa404c188bf1250cf

    • SHA1

      6782898df78cc716ebb07dbc78250c3c01d52452

    • SHA256

      94a132607e3678dfad1bec7f2a912018b7bc2342e9d98dbf6eb1c0110f4df12d

    • SHA512

      820b8b2b95d7ef523bb3276a3ff318e0cd12b64aa951e6dfcd5392a2734e748a86eb42c03494dfaca216bf3679f8f4d837880670c70cf5212bdacd1002770ae7

    • SSDEEP

      6144:Z9SPWGvowj2NkMZ53/nu40zwtybf9yrG6lUN9:ZBkMZ5Pu40zwtybIr2N9

    Score
    1/10

MITRE ATT&CK Enterprise v15