Overview

overview

8

Static

static

ca8479656c...cd.exe

windows7-x64

8

ca8479656c...cd.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    ca8479656cc214006ecd5e5d66fa729616925d1e96a6a39270cd367adb022dcd

  • Size

    130KB

  • Sample

    220919-lc75waacf6

  • MD5

    8b7f8c3d13896bd2e26f96a17dcff38e

  • SHA1

    57e2b70c7eeeae46986b0a6779551370e1a23ffe

  • SHA256

    ca8479656cc214006ecd5e5d66fa729616925d1e96a6a39270cd367adb022dcd

  • SHA512

    e934c0a17c794f94a11f2de1bdf1222490dbefa3a54a9910332615b2b0309f439785746fe38799a8b196507282c77245a5fd3c20e95f7a722e4ca9ea8d4286d9

  • SSDEEP

    3072:ci9LGd2q6kfXlS9s5k6VokZifpAcoTRJuY7gsIO32Pc9:tNO+kfXcCPsfKTp7yO

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      ca8479656cc214006ecd5e5d66fa729616925d1e96a6a39270cd367adb022dcd

    • Size

      130KB

    • MD5

      8b7f8c3d13896bd2e26f96a17dcff38e

    • SHA1

      57e2b70c7eeeae46986b0a6779551370e1a23ffe

    • SHA256

      ca8479656cc214006ecd5e5d66fa729616925d1e96a6a39270cd367adb022dcd

    • SHA512

      e934c0a17c794f94a11f2de1bdf1222490dbefa3a54a9910332615b2b0309f439785746fe38799a8b196507282c77245a5fd3c20e95f7a722e4ca9ea8d4286d9

    • SSDEEP

      3072:ci9LGd2q6kfXlS9s5k6VokZifpAcoTRJuY7gsIO32Pc9:tNO+kfXcCPsfKTp7yO

    Score
    8/10
    persistenceupx

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks