General

  • Target

    3e22cd2ddf85ecd2c228910c6ad13ef22307c0c03950469c5a8d10967c79f41aN

  • Size

    208KB

  • Sample

    240930-m9jn8asajm

  • MD5

    40e1a1c5d93a6d624f2da31109d732a0

  • SHA1

    7b6c8e27adf9159e08129b5455880cfe6b9f5d27

  • SHA256

    3e22cd2ddf85ecd2c228910c6ad13ef22307c0c03950469c5a8d10967c79f41a

  • SHA512

    305ccac723e883b84e2008d0195f9a48cf984308ef2f2f8d16eb3671a2889cebd6bfe7c3b15ef8b7272c081ec13f94d635d2b0550cf79991b7a41060488da459

  • SSDEEP

    3072:Lo7Vnk9g6PgNi0ayG0W2RaZaSw9z+B8D0i8NZGmuu+pT0CivmSNDYX:Lottw6sbF2RaA1B+BwXj+G0ZRG

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks