General

  • Target

    240920-3jlnwsvcjm_pw_infected.zip

  • Size

    6KB

  • Sample

    240920-3xxy3svhqj

  • MD5

    8413eec45500631caabc9826c6b44962

  • SHA1

    1d98522874fa87496451741fda2c73e046a8e106

  • SHA256

    de1c990c6d75b69426117413ff9156229cbf0253607ff2ae729295392254037a

  • SHA512

    02b6681c070140630fb13853d98e48b6f197d2d031b2d7d71bc530be9561cb3ee1710233da7333287a7147ad1b760107a2e7e5e74d5149b7282076b405dad463

  • SSDEEP

    192:dvwz/Yk7nC7H5lJlCqd65B+rPrHHFdIQ0Q:+JnC7Zb3NrFdnp

Score
7/10

Malware Config

Targets

    • Target

      WebHook-Spammer.exe

    • Size

      8KB

    • MD5

      9e836a50ed510ec353422df8c49229be

    • SHA1

      f404417a07db34b5a3ec30e79a3991068959c259

    • SHA256

      7c032e3fb32d5ab26fe5b23d77c3cabe15a48cad292a801d01921eae10362576

    • SHA512

      28f800c452172b9958e05964d11893d46027408d79ad2ded96af6c071d30e221c7098dbfa0663622780c17c965c3a4286df6abd05bc57604feeca4cb6c65d92d

    • SSDEEP

      192:mtLuh4GMCC1D97tZoPd7TljmFaNJhLkwcud2DH9VwGfct18O:4ah4GO9MxyaNJawcudoD7Ux

    Score
    7/10
    • Checks computer location settings

Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

Detects executables packed with the UPX open-source packer or a modified UPX build.
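The UPX signature above is a static heuristic, and an analyst will usually want to reproduce it on the dropped WebHook-Spammer.exe before trusting it. The following is an added example, not code from the sandbox report or from the sample: it parses the PE section table directly (no third-party modules) and reports the two classic UPX indicators, section names beginning with `UPX` and the `UPX!` marker string. Modified UPX builds frequently rename the sections, so both indicators are reported separately. The `build_stub_pe` helper is a constructed stand-in that emits only a minimal PE header with the requested section names; it is not an executable and is there only so the check runs offline.

```python
import struct


def pe_section_names(data: bytes) -> list[str]:
    """Return the section names of a PE image, or [] if the headers do not parse."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    # IMAGE_FILE_HEADER follows the 4-byte signature: NumberOfSections at +2,
    # SizeOfOptionalHeader at +16; the section table starts right after the
    # optional header.
    coff = e_lfanew + 4
    if len(data) < coff + 20:
        return []
    n_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    first = coff + 20 + opt_size
    names = []
    for i in range(n_sections):
        off = first + 40 * i  # each IMAGE_SECTION_HEADER is 40 bytes
        if len(data) < off + 40:
            break  # truncated section table: report what we have
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names


def upx_indicators(data: bytes) -> dict:
    """Static UPX check: section names (UPX0/UPX1/...) and the 'UPX!' marker.

    A renamed-section build still usually carries the 'UPX!' magic, so the two
    signals are returned separately rather than collapsed into one verdict.
    """
    names = pe_section_names(data)
    return {
        "sections": names,
        "upx_section_names": any(n.upper().startswith("UPX") for n in names),
        "upx_magic": b"UPX!" in data,
    }


def build_stub_pe(section_names: list[str], trailer: bytes = b"") -> bytes:
    """Constructed test input: minimal MZ/PE headers plus a section table.

    Not a runnable executable; it exists only to exercise the parser above.
    """
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader (0 here), Characteristics.
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + sections + trailer


if __name__ == "__main__":
    # Constructed stand-ins: a stock UPX layout and a renamed-section variant.
    stock = build_stub_pe(["UPX0", "UPX1", ".rsrc"])
    renamed = build_stub_pe([".text", ".data"], trailer=b"\0\0UPX!\x0d\x09\x02\x0e")
    print(upx_indicators(stock))
    print(upx_indicators(renamed))
```

To run it against the real dropped file, read it with `open(path, "rb").read()` and pass the bytes to `upx_indicators`; a hit on either indicator corroborates the sandbox signature, while a miss on both does not rule out a heavily modified packer.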

MITRE ATT&CK Enterprise v15

Tasks