de9c11e50420819e832be5f7b8022d7d9d13ddf3bb1616e0e06b5da62a2fbe09 | Triage

Submit
Reports

Overview

overview

Static

static

de9c11e504...09.exe

windows7-x64

9

de9c11e504...09.exe

windows10-2004-x64

9

Sharing

General

Target

de9c11e50420819e832be5f7b8022d7d9d13ddf3bb1616e0e06b5da62a2fbe09
Size

223KB
Sample

240430-d79cesca3z
MD5

374e8b278eac1b69b119e4ceceac05bf
SHA1

38a8ad138f8d0faf756fe3e8cdaa7e1658455003
SHA256

de9c11e50420819e832be5f7b8022d7d9d13ddf3bb1616e0e06b5da62a2fbe09
SHA512

90e51f5e9f6e7cae3bb2ae792e3a5c364739f71e46498ac609a1c981f526abc3c2af53b4286685574f2dc1ca5d079a8f7f5a8a3f204c449629864d14d6812bec
SSDEEP

3072:adEUfKj8BYbDiC1ZTK7sxtLUIGsqDiC1ZBdEUfKjj9dEUfKj8BYbDiC1ZTK7sxtJ:aUSiZTK40QuZBUX9USiZTK40+HMHY

Score

10^/10

upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

de9c11e50420819e832be5f7b8022d7d9d13ddf3bb1616e0e06b5da62a2fbe09.exe

Resource

win7-20240221-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

de9c11e50420819e832be5f7b8022d7d9d13ddf3bb1616e0e06b5da62a2fbe09.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  de9c11e50420819e832be5f7b8022d7d9d13ddf3bb1616e0e06b5da62a2fbe09
- Size
  
  223KB
- MD5
  
  374e8b278eac1b69b119e4ceceac05bf
- SHA1
  
  38a8ad138f8d0faf756fe3e8cdaa7e1658455003
- SHA256
  
  de9c11e50420819e832be5f7b8022d7d9d13ddf3bb1616e0e06b5da62a2fbe09
- SHA512
  
  90e51f5e9f6e7cae3bb2ae792e3a5c364739f71e46498ac609a1c981f526abc3c2af53b4286685574f2dc1ca5d079a8f7f5a8a3f204c449629864d14d6812bec
- SSDEEP
  
  3072:adEUfKj8BYbDiC1ZTK7sxtLUIGsqDiC1ZBdEUfKjj9dEUfKj8BYbDiC1ZTK7sxtJ:aUSiZTK40QuZBUX9USiZTK40+HMHY
Score

9^/10

upx
- UPX dump on OEP (original entry point)
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy