General

  • Target

    ba522c2d4bffb282d850c66df18233d9_JaffaCakes118

  • Size

    387KB

  • Sample

    240823-evhvdaxcmp

  • MD5

    ba522c2d4bffb282d850c66df18233d9

  • SHA1

    6d1e14bcae58e4fe90a87b056ab734c7e3261591

  • SHA256

    c5fd5a7c908014b69a4095ec82a395ec8680f9e6dc351fb0ce7cbad050dd8b6e

  • SHA512

    58ff0c7e5c2991e441027796be4380ffdbbee43bdebcdd5eff4685336ccf7e33fe2c2c2aa8de44cdea5cb5f2bad73d7625c6b1ce27585e9a8d8cb26d1c326831

  • SSDEEP

    12288:T8oS6C48mOzNRJjTYjRvzYeJMVkPtnbuSZo:9J6m+TxU9tNtnbW

Malware Config

Targets

    • Target

      video-mp4.exe

    • Size

      542KB

    • MD5

      b7710a4fd3a8b3c9a60cf9c1d5efbaa0

    • SHA1

      b1d5e367b1067efbd2525f17148f927c19297621

    • SHA256

      ed54e0a4cb8328e54ee28456d3aeba34ae361b34819c885f7cd61a8490790371

    • SHA512

      021ac6efacd2fbd8f61a06c265aef3f30dd04c5dbcfb05aea11054bf68ddf9b60adf9917a42708e1417059f60d77d56b97ad2363986e7d7431a62a59b205bc48

    • SSDEEP

      6144:gUfZ+4vjMrAnYTp4kd03iDxOxTBgjQubBxlCiZNrlUVlhvpfKcuMK2rT4VhgE+SP:gK+mjEaYf03ys/h7/vR3PtJbuSU

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks