General

  • Target

    343c4ee767bd93c60cbe2bcb809c8590N.exe

  • Size

    134KB

  • Sample

    240712-flshwszajk

  • MD5

    343c4ee767bd93c60cbe2bcb809c8590

  • SHA1

    0587ad811293396d48981b52f2a70e9c5b933ab1

  • SHA256

    fbbee6d4a07ab6c42d1ae865593ae7c5ef7dadda634371d5e05277c48a9ddd36

  • SHA512

    328f11183f2cebd2c0ebbb8ef18c03f7c883ae6c78659d2a442ab9e2ae6223de464f87eafa195749638fe83ed699fe1caf055a16f996036a09b7d6fe1590d48f

  • SSDEEP

    1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SOx:YfU/WF6QMauSuiWNi9eNOl0007NZIOx

Score
7/10

Targets

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.

    • Adds Run key to start application
