Overview

overview

8

Static

static

7

11c7a95761...0N.exe

windows7-x64

8

11c7a95761...0N.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    11c7a95761bc83a2e84ec72a729f2850N.exe

  • Size

    232KB

  • Sample

    240723-1tsh3s1bpq

  • MD5

    11c7a95761bc83a2e84ec72a729f2850

  • SHA1

    fc74f85fc67442d92c527b344a5f4e3c3e56db51

  • SHA256

    646288619d2319364b6020b25e50f75623ee479525209f525d60b14c305d8fc5

  • SHA512

    abbdb62f79b8d1ec205d635c5ed7a1a4e142d8f5d762591b312a2353f269da7ce85a7efd06d22c505100e0c80cef282bb590702292233398833dee9040d6baa4

  • SSDEEP

    3072:Y1i/NU8bOMYcYYcmy51VRgiFCpCIXUWOLTsEsigcL3P6xxc1VOz1i/NU82OMYcYU:2i/NjO5xbg/CSUFLTwMjs6oi/N+O7

Score
8/10
defense_evasiondiscoverypersistenceupx

Malware Config

Targets

    • Target

      11c7a95761bc83a2e84ec72a729f2850N.exe

    • Size

      232KB

    • MD5

      11c7a95761bc83a2e84ec72a729f2850

    • SHA1

      fc74f85fc67442d92c527b344a5f4e3c3e56db51

    • SHA256

      646288619d2319364b6020b25e50f75623ee479525209f525d60b14c305d8fc5

    • SHA512

      abbdb62f79b8d1ec205d635c5ed7a1a4e142d8f5d762591b312a2353f269da7ce85a7efd06d22c505100e0c80cef282bb590702292233398833dee9040d6baa4

    • SSDEEP

      3072:Y1i/NU8bOMYcYYcmy51VRgiFCpCIXUWOLTsEsigcL3P6xxc1VOz1i/NU82OMYcYU:2i/NjO5xbg/CSUFLTwMjs6oi/N+O7

    Score
    8/10
    defense_evasiondiscoverypersistenceupx

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    • Hide Artifacts: Hidden Files and Directories

      defense_evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks