Overview

overview

8

Static

static

5

42eb92608a...b7.exe

windows7-x64

8

42eb92608a...b7.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    42eb92608a3fbab18b461709eff2f1b0bcf7c4ce61efdc71a6e7b82dddd7c3b7

  • Size

    56KB

  • Sample

    241012-z1hf1swbjl

  • MD5

    f15b423644bd4788a4ce902709ca3eb2

  • SHA1

    74b3cdc1b9e3b7ae3b9bdfff8aa5c94999d2c1ea

  • SHA256

    42eb92608a3fbab18b461709eff2f1b0bcf7c4ce61efdc71a6e7b82dddd7c3b7

  • SHA512

    9ba71c61d3ae004f59d6e77396e9e6e0ba7dcee181034ef4c378ad2d591c152e4d831751cbeb4862e6a89f69c754b305b73de84ad82a1273f6a96fd59342bd7a

  • SSDEEP

    768:ae2mxDMm+STZ5UW0Z080t0M06EdXUs1Zh:txft5gdEs9

Score
8/10
discoveryupx

Malware Config

Targets

    • Target

      42eb92608a3fbab18b461709eff2f1b0bcf7c4ce61efdc71a6e7b82dddd7c3b7

    • Size

      56KB

    • MD5

      f15b423644bd4788a4ce902709ca3eb2

    • SHA1

      74b3cdc1b9e3b7ae3b9bdfff8aa5c94999d2c1ea

    • SHA256

      42eb92608a3fbab18b461709eff2f1b0bcf7c4ce61efdc71a6e7b82dddd7c3b7

    • SHA512

      9ba71c61d3ae004f59d6e77396e9e6e0ba7dcee181034ef4c378ad2d591c152e4d831751cbeb4862e6a89f69c754b305b73de84ad82a1273f6a96fd59342bd7a

    • SSDEEP

      768:ae2mxDMm+STZ5UW0Z080t0M06EdXUs1Zh:txft5gdEs9

    Score
    8/10
    discoveryupx

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks