Overview

overview

7

Static

static

7

ac4a465b76...e9.exe

windows7-x64

7

ac4a465b76...e9.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    ac4a465b7677dcfd511f23ff66d88fd84620e08b81dd83e9286e5e72fca5e0e9

  • Size

    200KB

  • Sample

    240919-bbxbwasepl

  • MD5

    388beefc6661df60338b81a4cea4bb1e

  • SHA1

    be5db2f851c106b5f68baa4587c4688446b6bf1c

  • SHA256

    ac4a465b7677dcfd511f23ff66d88fd84620e08b81dd83e9286e5e72fca5e0e9

  • SHA512

    91964230061096b19e19b1a6567b21c9756d0ce76b836c9af722b117cd8dbbb4e3b9b733dd5d55399c9c37cd0217d1316565ea20071df06b24adf7c8e8cd5c9c

  • SSDEEP

    1536:8ChrVkT1hoxJTxRcTGJNOJh1n/O+yCx9Fs/i7sUtnRnJ:nB2Tna3bq1n99K/i7tR

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      ac4a465b7677dcfd511f23ff66d88fd84620e08b81dd83e9286e5e72fca5e0e9

    • Size

      200KB

    • MD5

      388beefc6661df60338b81a4cea4bb1e

    • SHA1

      be5db2f851c106b5f68baa4587c4688446b6bf1c

    • SHA256

      ac4a465b7677dcfd511f23ff66d88fd84620e08b81dd83e9286e5e72fca5e0e9

    • SHA512

      91964230061096b19e19b1a6567b21c9756d0ce76b836c9af722b117cd8dbbb4e3b9b733dd5d55399c9c37cd0217d1316565ea20071df06b24adf7c8e8cd5c9c

    • SSDEEP

      1536:8ChrVkT1hoxJTxRcTGJNOJh1n/O+yCx9Fs/i7sUtnRnJ:nB2Tna3bq1n99K/i7tR

    Score
    7/10
    discoverypersistenceupx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks