General

  • Target

    a407101bb3f2cf7f34ee5b0025fa80d7c488dd7aa789522333461fa5d73b69e7

  • Size

    575KB

  • Sample

    220201-th8ycshef9

  • MD5

    d35d80dd4d84ac71f3e3254704c4e426

  • SHA1

    4ed0731be0b08cb83032923dbc1e9f7b1ea03932

  • SHA256

    a407101bb3f2cf7f34ee5b0025fa80d7c488dd7aa789522333461fa5d73b69e7

  • SHA512

    8e757350492d4bc95beb5056f85cd1a3791c136e1a7bb7481be2d420377c904e84adf2a23f29c3f8154225f9b45d9cd0fb0209bbc21d2e833920bb83eb338ea8

Score
10/10

Targets

    • TA505

      Cybercrime group active since 2015, responsible for families like Dridex and Locky.

    • Blocklisted process makes network request

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
