Overview

overview

8

Static

static

8

31b803ccce...24.exe

windows7-x64

8

31b803ccce...24.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    31b803ccce04972adb6a173954aa8ab5fbb82f0699acc0ce40117c82b4c2bd24

  • Size

    796KB

  • Sample

    220919-d86b6aafhj

  • MD5

    0c6dc740cf013cc3c64cae7703bcf1ab

  • SHA1

    4fc5ebe0161e5549f4e81d3776f6f8af26b5da2a

  • SHA256

    31b803ccce04972adb6a173954aa8ab5fbb82f0699acc0ce40117c82b4c2bd24

  • SHA512

    6e902d02b34985eb8c04fe56c92a9ddcd7157f5fd51f232bab0c6779652eb855c9b3c9a39ca313185a74e70cf53d800b53b9f49c88d6103effc326d21e74bafc

  • SSDEEP

    12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27Qitj7HANUTNk:r5sJo6YrFUiyAak11Ltjs

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      31b803ccce04972adb6a173954aa8ab5fbb82f0699acc0ce40117c82b4c2bd24

    • Size

      796KB

    • MD5

      0c6dc740cf013cc3c64cae7703bcf1ab

    • SHA1

      4fc5ebe0161e5549f4e81d3776f6f8af26b5da2a

    • SHA256

      31b803ccce04972adb6a173954aa8ab5fbb82f0699acc0ce40117c82b4c2bd24

    • SHA512

      6e902d02b34985eb8c04fe56c92a9ddcd7157f5fd51f232bab0c6779652eb855c9b3c9a39ca313185a74e70cf53d800b53b9f49c88d6103effc326d21e74bafc

    • SSDEEP

      12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27Qitj7HANUTNk:r5sJo6YrFUiyAak11Ltjs

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks