Overview

overview

10

Static

static

a892ddcf5c...8b.exe

windows7-x64

10

a892ddcf5c...8b.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    a892ddcf5c03a09cd9058cf15c5664ffc667957886496893f235f9cd9c5b5a8b

  • Size

    400KB

  • Sample

    221003-fhcchagfg3

  • MD5

    6ac2f9e1d1040c4f7991cd4da9c59951

  • SHA1

    0121781876675e76d1ce299d3ca1ef826af405d0

  • SHA256

    a892ddcf5c03a09cd9058cf15c5664ffc667957886496893f235f9cd9c5b5a8b

  • SHA512

    b38fe86b9445318a684cfab23066a15095c8cca055a2c34ee41776de809f361d9fa038ec9ab7dcaae74e74e3e8be1c0cfdb283556b64ed6c7cad85bc1dd1b6bb

  • SSDEEP

    3072:KR2xn3k0CdM1vabyzJYWqgT7a55Qhj0XVq+eeHs60IIeLSD4XM+TzHv/hTcN:KR2J0LS6VqZ5KE+eBcIiXM+n/5c

Score
10/10
persistenceupx

Malware Config

Targets

    • Target

      a892ddcf5c03a09cd9058cf15c5664ffc667957886496893f235f9cd9c5b5a8b

    • Size

      400KB

    • MD5

      6ac2f9e1d1040c4f7991cd4da9c59951

    • SHA1

      0121781876675e76d1ce299d3ca1ef826af405d0

    • SHA256

      a892ddcf5c03a09cd9058cf15c5664ffc667957886496893f235f9cd9c5b5a8b

    • SHA512

      b38fe86b9445318a684cfab23066a15095c8cca055a2c34ee41776de809f361d9fa038ec9ab7dcaae74e74e3e8be1c0cfdb283556b64ed6c7cad85bc1dd1b6bb

    • SSDEEP

      3072:KR2xn3k0CdM1vabyzJYWqgT7a55Qhj0XVq+eeHs60IIeLSD4XM+TzHv/hTcN:KR2J0LS6VqZ5KE+eBcIiXM+n/5c

    Score
    10/10
    persistenceupx

    • Modifies WinLogon for persistence

      persistence

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks