Overview

overview

7

Static

static

7

123.exe

windows7-x64

7

123.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    123.exe

  • Size

    158KB

  • Sample

    240522-3gcyzadb82

  • MD5

    9ebd849e1d898b5fff5b4309579b58f1

  • SHA1

    5c1ca6e43be704012a1f47ceaab118b00a406a9a

  • SHA256

    fdad62adfc5a345f6099ca2d8cce20b31bc8d8a72a8cfc78dd3c7bc521185384

  • SHA512

    573cf0538ad3e40e0f3002df97a29a309119af92bfceb4b3c059a6521460b7dd24f33b4ea6348898819662027a535689d085f9ace919b54a698a6edc0366b1d7

  • SSDEEP

    3072:mQ4C9g0q4hQ9WCxJDYUfYdWdgDooHeH6neUSua98KDEhlAQ1eXuout:R4y24hXWD24eoo+UeOWS7FoS

Score
7/10
executionupx

Malware Config

Targets

    • Target

      123.exe

    • Size

      158KB

    • MD5

      9ebd849e1d898b5fff5b4309579b58f1

    • SHA1

      5c1ca6e43be704012a1f47ceaab118b00a406a9a

    • SHA256

      fdad62adfc5a345f6099ca2d8cce20b31bc8d8a72a8cfc78dd3c7bc521185384

    • SHA512

      573cf0538ad3e40e0f3002df97a29a309119af92bfceb4b3c059a6521460b7dd24f33b4ea6348898819662027a535689d085f9ace919b54a698a6edc0366b1d7

    • SSDEEP

      3072:mQ4C9g0q4hQ9WCxJDYUfYdWdgDooHeH6neUSua98KDEhlAQ1eXuout:R4y24hXWD24eoo+UeOWS7FoS

    Score
    7/10
    upxexecution

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

PowerShell

1
T1059.001

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks