Overview

overview

10

Static

static

3

VirusShare...28.exe

windows7-x64

10

VirusShare...28.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    VirusShare_91fca7712a2d1b392f1ef1aea75bd428

  • Size

    9.3MB

  • Sample

    240610-qh6lfswhkf

  • MD5

    91fca7712a2d1b392f1ef1aea75bd428

  • SHA1

    e5f0c49dbf4fbe99b6aa59f348f8720c6a1317a9

  • SHA256

    6a86daa1de901e13190209fbb15d1c5fe3ee4c7eb5ba14c1658b04bb47bc8027

  • SHA512

    8b1364905f1aae24f71a1fa13fe4a70eb29e06d59328fe240aeb191a0c6449a61b17a4dc5e19b0052107b8ffd746fef9a83e2825f9f1f00ea5f8797ca472aa33

  • SSDEEP

    6144:wbAlIK05qY6XTFNhtWlJcPDLMb+wRZA0+Du3d2lWpqYH:wElIK26XTFNhtkerLAF01wd2IqYH

Score
10/10
persistenceupx

Malware Config

Targets

    • Target

      VirusShare_91fca7712a2d1b392f1ef1aea75bd428

    • Size

      9.3MB

    • MD5

      91fca7712a2d1b392f1ef1aea75bd428

    • SHA1

      e5f0c49dbf4fbe99b6aa59f348f8720c6a1317a9

    • SHA256

      6a86daa1de901e13190209fbb15d1c5fe3ee4c7eb5ba14c1658b04bb47bc8027

    • SHA512

      8b1364905f1aae24f71a1fa13fe4a70eb29e06d59328fe240aeb191a0c6449a61b17a4dc5e19b0052107b8ffd746fef9a83e2825f9f1f00ea5f8797ca472aa33

    • SSDEEP

      6144:wbAlIK05qY6XTFNhtWlJcPDLMb+wRZA0+Du3d2lWpqYH:wElIK26XTFNhtkerLAF01wd2IqYH

    Score
    10/10
    persistenceupx

    • Modifies WinLogon for persistence

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks