General

  • Target

    95558a86e9f9259e64451f76894f54b2e9271f8f185a84d3535bfddc23132732

  • Size

    843KB

  • Sample

    220919-rsdtvscge4

  • MD5

    10b30a5a05284e15e8755caf6e0202a7

  • SHA1

    9c32cbdbc5630d87c1fd55493b73555e27f29a37

  • SHA256

    95558a86e9f9259e64451f76894f54b2e9271f8f185a84d3535bfddc23132732

  • SHA512

    30c33e2dfe7a9479d4a80757dd339e659625b50540279812161ca043bddbe47641c81e109ce48b3611f27e35b43cff2ed1adc564da1b46d4101820b757b21987

  • SSDEEP

    24576:FFE//Tct4bOsiUhuaXl1xd7LCMr9ovxKZ24E:PSVtl1xdHnsKZ24E

Score
10/10

Malware Config

Targets

    • Target

      95558a86e9f9259e64451f76894f54b2e9271f8f185a84d3535bfddc23132732

    Score
    10/10
    • Modifies WinLogon for persistence

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Deletes itself

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory
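The UPX and AutoIT signatures above are static indicators that can be reproduced on a copy of the sample without a sandbox. The script below is an added example written for this page, not the sandbox's own detection code: it walks the PE section table and flags the section names written by a stock UPX build (UPX0/UPX1/UPX2) or the UPX! marker carried by the decompression stub, and scans for the marker strings the AutoIt v3 compiler embeds. build_sample_pe() constructs a minimal, non-loadable PE skeleton so the checks can be exercised offline; those bytes are constructed for the example and are not taken from the sample in this report. Note the ordering caveat: on a UPX-packed file the AutoIt strings are inside the compressed payload, so the AutoIt scan is only meaningful after unpacking (upx -d).

```python
import hashlib
import struct
import sys

# Section names written by a stock UPX build. A modified UPX build may rename them,
# so the "UPX!" marker that the decompression stub carries is checked as a second indicator.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}
UPX_MAGIC = b"UPX!"
# Marker strings embedded by the AutoIt v3 compiler (script resource signature and legal notice).
AUTOIT_MARKERS = (b"AU3!EA06", b"This is a third-party compiled AutoIt script.")


def pe_section_names(data: bytes) -> list:
    """Return the section names from the PE section table, or [] if data is not a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    opt_header_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + opt_header_size  # section table follows the optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40  # IMAGE_SECTION_HEADER is 40 bytes; the name is its first 8
        if off + 40 > len(data):
            break
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names


def is_upx_packed(data: bytes) -> bool:
    """True if the section names or the stub marker indicate UPX packing."""
    return any(n in UPX_SECTION_NAMES for n in pe_section_names(data)) or UPX_MAGIC in data


def is_autoit_compiled(data: bytes) -> bool:
    """True if an AutoIt v3 marker string is visible. On a UPX-packed file the markers are
    compressed, so run this on the unpacked image (upx -d) whenever is_upx_packed() is True."""
    return any(m in data for m in AUTOIT_MARKERS)


def triage(data: bytes) -> dict:
    """Summarize the static indicators; the sha256 lets you confirm the file matches the report."""
    sections = pe_section_names(data)
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "pe": bool(sections),
        "sections": sections,
        "upx": is_upx_packed(data),
        "autoit": is_autoit_compiled(data),
    }


def build_sample_pe(section_names, payload: bytes = b"") -> bytes:
    """Constructed test input: a minimal PE32 header skeleton (not loadable) with the given sections."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew: PE signature right after the DOS header
    optional = bytes(224)                      # PE32 optional header size; contents unused here
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, len(optional), 0x102)
    sections = b"".join(n.ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + coff + optional + sections + payload


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            print(triage(f.read()))
    else:
        # Constructed samples: one UPX-style layout, one plain layout carrying the AutoIt notice.
        packed = build_sample_pe([b"UPX0", b"UPX1", b".rsrc"], b"\0" * 16 + UPX_MAGIC)
        clean = build_sample_pe([b".text", b".rdata", b".data"], AUTOIT_MARKERS[1])
        print("packed:", triage(packed))
        print("clean:", triage(clean))
```

Run it as `python triage.py <file>` against the downloaded sample; with no argument it exercises the two constructed skeletons. Section-name and marker checks are cheap to evade (a rebuilt UPX with renamed sections and a patched stub defeats both), so treat a negative as "not stock UPX", not as "unpacked".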
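"Modifies WinLogon for persistence" conventionally means the Shell or Userinit value under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon was changed; Winlogon runs whatever is listed there at every interactive logon, so a program appended to either value survives reboots. The report does not say which value this sample touched, so that reading is an assumption. The check below is an added example, not part of the report: it normalizes each comma-separated entry and flags any program, or any stock program loaded from a non-standard directory, that a clean install would not have. STOCK and MODIFIED are constructed inputs (not values observed for this sample); on a Windows host read_live_winlogon() pulls the real values through winreg, and the allowed directories assume the default SystemRoot of C:\Windows.

```python
import ntpath

WINLOGON_KEY = r"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"

# Programs Winlogon runs at logon on a stock install. Anything else appended to these
# comma-separated values runs at every logon, which is the persistence the signature flags.
EXPECTED_PROGRAMS = {
    "Shell": {"explorer.exe"},
    "Userinit": {"userinit.exe"},
}
# Directories the stock programs live in ("" = bare file name, resolved by Winlogon).
# Assumption: default SystemRoot of C:\Windows.
ALLOWED_DIRS = {"", r"c:\windows", r"c:\windows\system32"}


def _entries(value: str) -> list:
    """Split a Winlogon value into normalized entries: lower-case, unquoted, %SystemRoot% expanded."""
    out = []
    for raw in value.split(","):
        entry = raw.strip().strip('"').lower().replace("%systemroot%", r"c:\windows")
        if entry:
            out.append(entry)
    return out


def winlogon_anomalies(values: dict) -> list:
    """Return one finding per entry that is not a stock program in a stock location."""
    findings = []
    for name, allowed in EXPECTED_PROGRAMS.items():
        raw = values.get(name)
        if raw is None:
            continue
        for entry in _entries(raw):
            program = ntpath.basename(entry)
            if program not in allowed:
                findings.append(f"{name}: unexpected program {entry!r}")
            elif ntpath.dirname(entry) not in ALLOWED_DIRS:
                findings.append(f"{name}: {program} from non-standard path {entry!r}")
    return findings


def read_live_winlogon() -> dict:
    """Read Shell and Userinit from HKLM on Windows; returns {} on other platforms."""
    try:
        import winreg
    except ImportError:
        return {}
    values = {}
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, WINLOGON_KEY) as key:
        for name in EXPECTED_PROGRAMS:
            try:
                values[name] = winreg.QueryValueEx(key, name)[0]
            except FileNotFoundError:
                pass
    return values


# Constructed inputs for the example (not values observed in this report).
STOCK = {"Shell": "explorer.exe", "Userinit": r"C:\Windows\system32\userinit.exe,"}
MODIFIED = {
    "Shell": "explorer.exe",
    "Userinit": r"C:\Windows\system32\userinit.exe,C:\Users\Public\winlogon_helper.exe,",
}

if __name__ == "__main__":
    for label, values in (("stock", STOCK), ("modified", MODIFIED), ("live", read_live_winlogon())):
        if values:
            print(label, winlogon_anomalies(values) or "no anomalies")
```

The same values also exist per user under HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon and can be set there without administrator rights, so an incident-response sweep should query both hives rather than only HKLM.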
