684c0eccf0772dde39feaf9ff86b649c802203f82ee40b6ca07f6fa755dfa204 | Triage

Submit
Reports

Overview

overview

Static

static

684c0eccf0...04.exe

windows7-x64

9

684c0eccf0...04.exe

windows10-2004-x64

9

Sharing

General

Target

684c0eccf0772dde39feaf9ff86b649c802203f82ee40b6ca07f6fa755dfa204
Size

74KB
Sample

240424-2kzrgaba58
MD5

aaa2a4ef3ecc6abb3c7e39503d7ee4a8
SHA1

9d8ff5a4f47aee5ff9cd94766aff22fb6c3bac1a
SHA256

684c0eccf0772dde39feaf9ff86b649c802203f82ee40b6ca07f6fa755dfa204
SHA512

112242490df868adf5ccb5eedc23c4b5ef66d7c0dab5ac258a172811e7d4b7cc52445a8131d4645bdf2f17b36ce472e57d8e48a6545e1467a14b3a7ea4c3bc77
SSDEEP

1536:IYvybS6U3TqycPzpHNWnnn3CCCCrrDRN7qqqEw:9vYU2Vz9IDTqqq3

Score

10^/10

evasion upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

684c0eccf0772dde39feaf9ff86b649c802203f82ee40b6ca07f6fa755dfa204.exe

Resource

win7-20240215-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

684c0eccf0772dde39feaf9ff86b649c802203f82ee40b6ca07f6fa755dfa204.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  684c0eccf0772dde39feaf9ff86b649c802203f82ee40b6ca07f6fa755dfa204
- Size
  
  74KB
- MD5
  
  aaa2a4ef3ecc6abb3c7e39503d7ee4a8
- SHA1
  
  9d8ff5a4f47aee5ff9cd94766aff22fb6c3bac1a
- SHA256
  
  684c0eccf0772dde39feaf9ff86b649c802203f82ee40b6ca07f6fa755dfa204
- SHA512
  
  112242490df868adf5ccb5eedc23c4b5ef66d7c0dab5ac258a172811e7d4b7cc52445a8131d4645bdf2f17b36ce472e57d8e48a6545e1467a14b3a7ea4c3bc77
- SSDEEP
  
  1536:IYvybS6U3TqycPzpHNWnnn3CCCCrrDRN7qqqEw:9vYU2Vz9IDTqqq3
Score

9^/10

evasion upx
- Detects Windows executables referencing non-Windows User-Agents
- UPX dump on OEP (original entry point)
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy