General

  • Target

    46adffea9cb7a590bd96698eb72b5da0N.exe

  • Size

    200KB

  • Sample

    240722-cqa8mavdnf

  • MD5

    46adffea9cb7a590bd96698eb72b5da0

  • SHA1

    bd17108e7801cf96cdfd1ee1af3c6f8f9a6c4f03

  • SHA256

    fe805bf541b858dc41d725aae63c21e01fc6826fd7a85c41e3a1931e2ae198c5

  • SHA512

    d7f932d6ce49766fbcf17e4a522ca0f9110e4a1903782730e939224a9e5aafc62d44b8ac1d5fbef130f7fb9dbf31fd1e09803fd1f20a7ca6381e03074fb0fa90

  • SSDEEP

    1536:KChrVkT1hoxJTxRcTGJNOJh1n/O+yCx9Fs/i7sUtnR/J:5B2Tna3bq1n99K/i7tR

Score
7/10

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
