Overview

overview

8

Static

static

8

8a584a0d9f...78.exe

windows7-x64

8

8a584a0d9f...78.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    8a584a0d9f5e812a868e978bfe54d2aa69be25fa96fa2b44f77529136bbca778

  • Size

    191KB

  • Sample

    220919-xyz7yahddm

  • MD5

    3d380a7c6c9918259741b986650f8a5d

  • SHA1

    4c390abee3f2dcee386f6ba5fc8b00d734207a7e

  • SHA256

    8a584a0d9f5e812a868e978bfe54d2aa69be25fa96fa2b44f77529136bbca778

  • SHA512

    3b22ee25183e56ccf448cdf26d25a9ced1824b0119fb45a67a713ab4942baa4f4c1a9f9c2c183fc54ee347ffe0e32079089a6780872c1107eeadc352f2eef7de

  • SSDEEP

    3072:3MKRGUlmlzOdQwCnUTDaioya+ghKr5Gb9C3HZkvtGTwtoT4/KtPaffT+Iyo:1MajQwqUTDaioKERC3HytGTwtqtPa

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      8a584a0d9f5e812a868e978bfe54d2aa69be25fa96fa2b44f77529136bbca778

    • Size

      191KB

    • MD5

      3d380a7c6c9918259741b986650f8a5d

    • SHA1

      4c390abee3f2dcee386f6ba5fc8b00d734207a7e

    • SHA256

      8a584a0d9f5e812a868e978bfe54d2aa69be25fa96fa2b44f77529136bbca778

    • SHA512

      3b22ee25183e56ccf448cdf26d25a9ced1824b0119fb45a67a713ab4942baa4f4c1a9f9c2c183fc54ee347ffe0e32079089a6780872c1107eeadc352f2eef7de

    • SSDEEP

      3072:3MKRGUlmlzOdQwCnUTDaioya+ghKr5Gb9C3HZkvtGTwtoT4/KtPaffT+Iyo:1MajQwqUTDaioKERC3HytGTwtqtPa

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks