General

  • Target: windowblinds
  • Size: 46KB
  • Sample: 240630-df9h4swfjr
  • MD5: 385e1448176b354d72e5262d181d058e
  • SHA1: cfe670ece3e1d6e3656d1471bb8664c1ebf149d3
  • SHA256: 77290f08856b8c3097d3c1a9ce27db5a5738df869d7cfd0def24e00f4496e4d3
  • SHA512: 5143d6d9be53c3b3e2728d184063fd68c11822acda1402e804d48b94726cad19fbc293e8807e46a9ec8bae5c23581857774efd87b58041b526feca02f20c92b0
  • SSDEEP: 768:LOpwuYD7aghhq7yMtBh8npsDBPSk/3y3mlMSYNmYfv:LOpwFDfhq7yMtBh8nYF39lMSYNmYX

Targets

    • Target: windowblinds
    • Size: 46KB

    • Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file: detects executables packed with UPX or a modified UPX open-source packer.
    • Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
    • Drops file in System32 directory
