General

  • Target

    22c106d933dcc17b11063084dfe33550.bin

  • Size

    304KB

  • Sample

    240515-b71deabc4s

  • MD5

    22c106d933dcc17b11063084dfe33550

  • SHA1

    3251358d46bd3bcec08f8d5a21658ffc292b6f7e

  • SHA256

    53ca17d7e903d8a350319ed1bba70da72cbce4e4fedb89db43df3e7adc87299d

  • SHA512

    eedf6707792792513eecedeec0919ec39a0f14c14e08003712a3083d681f1cd28c1fc716b07a76cf43be1312f02d7369c7ca95a1e209d42b0fbd3cb852b3d05a

  • SSDEEP

    3072:CA5SVkkgUWip7mUC7AdYzrV+Dljy/32ubwZZqJ:CPUgxCkdYzrVolu/J0ZZ

Score
7/10

Malware Config

Targets

    • Target

      22c106d933dcc17b11063084dfe33550.bin

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15