Overview

overview

8

Static

static

8A455638B0...F4.exe

windows7_x64

8

8A455638B0...F4.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8a455638b0e2e9b8d663e96a7d2316ec0e896240aa5f84c318e191de123d09f4.zip

  • Size

    45.1MB

  • Sample

    211019-rmq71agaa8

  • MD5

    c594573bb171db3d62d146d287575913

  • SHA1

    f9fc86cbf6bfe65358ce3d02e22b51db6a2a527c

  • SHA256

    0550f2340aef367ce3021cc9656f4665100189ad8ae2d88ae27947bb5cfc7256

  • SHA512

    cb791a705125fb133c07861aa9579fa681e2d36c60a55a93a3db9f0eedef8eb678d7adb3147aa4f06a8a9f11ccd715bda78015d61221a2492e1f37b8351726c7

Score
8/10
discoveryupx

Malware Config

Targets

    • Target

      8A455638B0E2E9B8D663E96A7D2316EC0E896240AA5F84C318E191DE123D09F4

    • Size

      45.2MB

    • MD5

      b750e349310b228391cedfe3a8175917

    • SHA1

      dfc261882f6b6eed606ba9a3d56a9b96816fc794

    • SHA256

      8a455638b0e2e9b8d663e96a7d2316ec0e896240aa5f84c318e191de123d09f4

    • SHA512

      11051ea63031688cf9cbe9a66354fe8b4285c94847b2eaedfecf68d0352dbdced87967748ba8baf65f3f3fd31fd05c4693748038cd0bb3b16681f7c92d44496f

    Score
    8/10
    discoveryupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks