General

  • Target

    Drone.exe

  • Size

    10.8MB

  • Sample

    220907-pdfnsshcdp

  • MD5

    bcae7048ad2892340dfb30eb933b459e

  • SHA1

    62e50ee132522efe74d085e7f3fd50036da32460

  • SHA256

    95e42b8028ef1830b2cda9ac38e7efd4932ac50d5e2f438fdc56c1a80cdeaeca

  • SHA512

    a2432c3789c0db0de29f40cc3b70244dc978c5f08dcb6343bed35c8af15df95faea1749640c68e519386019221c187591f734f7de47b237f7b81d89dbeba71d5

  • SSDEEP

    196608:sRDUpbDO6DjzpLRUZtO0oAinb40Jf0W8/LannM77SQs5FpjlX9DVCu0:Fpb3dCEb40JcW8uM7GRPpt3J

Score
8/10

Targets

    • Target

      Drone.exe

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
