General

  • Target

    30b062f5265d63af3c9ccc1eea4adc00N.exe

  • Size

    232KB

  • Sample

    240903-mnkpdsvhqf

  • MD5

    30b062f5265d63af3c9ccc1eea4adc00

  • SHA1

    694f3a72628cae050886c28e25ccb8431e0d16b9

  • SHA256

    d035a83631ff9fae8a28d6c8ccde53fe8ad4ad621cc9f93d467c802a4a9661de

  • SHA512

    3c9ecf614e88d7b741987f6c0a40d106cec47b53c678ee73123f067d368013081772b937426d71ecdbed19261fab5ff25aff032b8920f71471cca257a5290266

  • SSDEEP

    3072:L1i/NU8bOMYcYYcmy51VRgiFCpCIXUWOLTsEsigcL3P6xxc1VOz1i/NU82OMYcYU:pi/NjO5xbg/CSUFLTwMjs6oi/N+O7

Targets

    • Target

      30b062f5265d63af3c9ccc1eea4adc00N.exe

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Drops file in System32 directory

    • Hide Artifacts: Hidden Files and Directories

MITRE ATT&CK Enterprise v15