General

  • Target

    b90c0b1b72fb573d74c9996b4b6a0cfc1699a066

  • Size

    6.4MB

  • Sample

    241120-rgk4ssxqgs

  • MD5

    58bacc0d97258aadf00f1c32beeac8a3

  • SHA1

    b90c0b1b72fb573d74c9996b4b6a0cfc1699a066

  • SHA256

    a25164a9205a1919fdc85976f6838bd52de858692e885244518d20a5a880fae7

  • SHA512

    0644995ffa4f9f2965edba8b0ddc9e3d8d6a517046cc6e95c852e889e3d4d5219fb7270fd6f1ee202cf20a410cf23296377e46e5ffca4be7dba85cf9e0d8ec6d

  • SSDEEP

    196608:YNvMhd5LqFOjkCTIMfjnm22IDsDEmufqDFe3S4HtiYzlDA:YNvMhfLqFOjkyfzmJIYa0Otpq

Malware Config

Targets

    • Drops file in Drivers directory

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks