Overview

overview

7

Static

static

5

add399390f...8N.exe

windows7-x64

7

add399390f...8N.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    add399390f0a415d23e59e1c6b789b8c9c187d07e5428812f318a7072e10ea28N

  • Size

    1.3MB

  • Sample

    241009-tgeywsycqq

  • MD5

    6ab1a28aac7d38aac1f666498dc0bae0

  • SHA1

    61b5c03ed8c3c08b80dc2b465915cf320507ea63

  • SHA256

    add399390f0a415d23e59e1c6b789b8c9c187d07e5428812f318a7072e10ea28

  • SHA512

    8f17b830e5f6e7dab0262c372a8cdf6b8fa10e5ace136245f002fdc87becb58a4eb3b0273c64cd3a6998a9322a9437913a26635dc8aaf56c41d37175acdb6032

  • SSDEEP

    24576:nAD3HRNtvJ2QY6ynjTdcpLmBtMs51aoflG4/iMtQkSNSFkeKvvvvLpphd7d8ddP2:nkpBs5dlG4/i0QkSoeeKvvvvLpphd7dv

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      add399390f0a415d23e59e1c6b789b8c9c187d07e5428812f318a7072e10ea28N

    • Size

      1.3MB

    • MD5

      6ab1a28aac7d38aac1f666498dc0bae0

    • SHA1

      61b5c03ed8c3c08b80dc2b465915cf320507ea63

    • SHA256

      add399390f0a415d23e59e1c6b789b8c9c187d07e5428812f318a7072e10ea28

    • SHA512

      8f17b830e5f6e7dab0262c372a8cdf6b8fa10e5ace136245f002fdc87becb58a4eb3b0273c64cd3a6998a9322a9437913a26635dc8aaf56c41d37175acdb6032

    • SSDEEP

      24576:nAD3HRNtvJ2QY6ynjTdcpLmBtMs51aoflG4/iMtQkSNSFkeKvvvvLpphd7d8ddP2:nkpBs5dlG4/i0QkSoeeKvvvvLpphd7dv

    Score
    7/10
    discoverypersistenceupx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks