Overview

overview

8

Static

static

E3EA35FA7F...24.exe

windows7_x64

8

E3EA35FA7F...24.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e3ea35fa7f983485414e4991f7b691f2d8938cd296a186a0f6d83d41d604f424.zip

  • Size

    45.1MB

  • Sample

    211019-rmhkvsghbn

  • MD5

    fede355d5d6351ec6419f675959f79dd

  • SHA1

    dad209157da55f254853197b77a12daad82f5f16

  • SHA256

    96913da5c4d6922d34b872708846772f9402dd2529bbce6bc4d4dfc3078b35bd

  • SHA512

    6ce0b9031c11a4a9e01ed497ba4735b2ab3e115db790a8a5c8544eca5a09584c2aca341299740b939a46b34919c4f2244053eec4bf8f82f976ca6a591426718c

Score
8/10
discoveryupx

Malware Config

Targets

    • Target

      E3EA35FA7F983485414E4991F7B691F2D8938CD296A186A0F6D83D41D604F424

    • Size

      45.2MB

    • MD5

      e54c7926d270556a8431f5a1bd9f170d

    • SHA1

      4ee0d0c23e5f02d9baeaadb013a88bf675ab6679

    • SHA256

      e3ea35fa7f983485414e4991f7b691f2d8938cd296a186a0f6d83d41d604f424

    • SHA512

      7a63d708877c14cdb50b10683338416374ef72d5d88d6daf4a33acf92363fb5635f7d999db84e0b630278070071c8946da03b139d1db1e8b69a951666ce3126c

    Score
    8/10
    discoveryupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks