Overview

overview

7

Static

static

7

6531dada5a...7f.exe

windows7-x64

7

6531dada5a...7f.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6531dada5a56e45f6ef72d76340ce622ef66a399bd7ed6100541b2ad9f912b7f

  • Size

    134KB

  • Sample

    240625-164rwaxamb

  • MD5

    7193be61f01f7653a31ba84c5be2ad5c

  • SHA1

    b3827a8575fc2e0a2f105267b0b9c6903343b5da

  • SHA256

    6531dada5a56e45f6ef72d76340ce622ef66a399bd7ed6100541b2ad9f912b7f

  • SHA512

    872383cd87ec7396b0ee03b8a558823881b712cc79ef60073d547ddb1b1258b2c8d3f4dfd644f6c9a85394e53648c435c3a8bb8b43ab42d04ea9d0e9b2dd309b

  • SSDEEP

    1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SOD:YfU/WF6QMauSuiWNi9eNOl0007NZIOD

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      6531dada5a56e45f6ef72d76340ce622ef66a399bd7ed6100541b2ad9f912b7f

    • Size

      134KB

    • MD5

      7193be61f01f7653a31ba84c5be2ad5c

    • SHA1

      b3827a8575fc2e0a2f105267b0b9c6903343b5da

    • SHA256

      6531dada5a56e45f6ef72d76340ce622ef66a399bd7ed6100541b2ad9f912b7f

    • SHA512

      872383cd87ec7396b0ee03b8a558823881b712cc79ef60073d547ddb1b1258b2c8d3f4dfd644f6c9a85394e53648c435c3a8bb8b43ab42d04ea9d0e9b2dd309b

    • SSDEEP

      1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SOD:YfU/WF6QMauSuiWNi9eNOl0007NZIOD

    Score
    7/10
    persistenceupx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks