General

  • Target

    469ac087ef51c5e04fc205adf7a865f0N.exe

  • Size

    134KB

  • Sample

    240823-txdqrsvekd

  • MD5

    469ac087ef51c5e04fc205adf7a865f0

  • SHA1

    be1f1adab02ce523767050a4d45ba8d63acd21aa

  • SHA256

    0899740514338990262feefa8fc6f0ff48825bfd281ede6e1805d9fe54b0bd5b

  • SHA512

    84091a3847c5e66033ed0af8e06da5c3787ccd2c97c4efab2594cff4d4139445288df10df961067dea2d78308f3ac65c31f4e885db3be1f299b2399feff0a893

  • SSDEEP

    1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SOW:YfU/WF6QMauSuiWNi9eNOl0007NZIOW

Targets

    • Target

      469ac087ef51c5e04fc205adf7a865f0N.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.
