Overview

overview

8

Static

static

7

030d78fcf7...0N.exe

windows7-x64

8

030d78fcf7...0N.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    030d78fcf7df69edcfaddfd4b4f05ec0N.exe

  • Size

    44KB

  • Sample

    240720-tm6c2asdrk

  • MD5

    030d78fcf7df69edcfaddfd4b4f05ec0

  • SHA1

    5e60189eb4bb3fcb1fb61c383776beb7b8674e66

  • SHA256

    1910c5391ec25b53e3ddbb97b4971be6e42ba0a8de539abaf972adbea6af32fd

  • SHA512

    98c70e95a977373f3a344c07cf7128699e4c98a8cd699529de407bbcce71e64f3c050f97eb7a571837cf0e1882af3b64de5b8f8f348e98072e9128f4abdb87b9

  • SSDEEP

    384:CxL+q5r+PpHfXhUkKvI4QwjQ/vFJhheJ06oZrj/vBKDJZZ/:ua4r+PpHfXGLOnNh8noR+v/

Score
8/10
upx

Malware Config

Targets

    • Target

      030d78fcf7df69edcfaddfd4b4f05ec0N.exe

    • Size

      44KB

    • MD5

      030d78fcf7df69edcfaddfd4b4f05ec0

    • SHA1

      5e60189eb4bb3fcb1fb61c383776beb7b8674e66

    • SHA256

      1910c5391ec25b53e3ddbb97b4971be6e42ba0a8de539abaf972adbea6af32fd

    • SHA512

      98c70e95a977373f3a344c07cf7128699e4c98a8cd699529de407bbcce71e64f3c050f97eb7a571837cf0e1882af3b64de5b8f8f348e98072e9128f4abdb87b9

    • SSDEEP

      384:CxL+q5r+PpHfXhUkKvI4QwjQ/vFJhheJ06oZrj/vBKDJZZ/:ua4r+PpHfXGLOnNh8noR+v/

    Score
    8/10
    upx

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks