Overview

overview

10

Static

static

8

0ef818fde1...8d.exe

windows7-x64

10

0ef818fde1...8d.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    0ef818fde1fd7dda048a15e007d0b6ac91991d33455f8484c7d711886f9dc48d

  • Size

    47KB

  • Sample

    221011-s6dxfscbg5

  • MD5

    28e295ffaf5da322daff5f26ce8999f0

  • SHA1

    463bb20ac7e8622658cb368a21f72bced9321ed2

  • SHA256

    0ef818fde1fd7dda048a15e007d0b6ac91991d33455f8484c7d711886f9dc48d

  • SHA512

    4ed43be169abf998b6d771bce80006d5776bb4198145720d6ae47e6a571b3c60614885159215c2e6ea32a2bbc454de7576fd46c6728cf15aadd1a1f1b74e99a6

  • SSDEEP

    768:I+0yWsg9lNj2wnziIBGWZlzCEuor6BvUA/TRatQ6pb8irQiWy+IUScmTzaYIDfbe:j0yK9lZiIBHvr+vZtezoirQiWLIUWbR

Score
10/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      0ef818fde1fd7dda048a15e007d0b6ac91991d33455f8484c7d711886f9dc48d

    • Size

      47KB

    • MD5

      28e295ffaf5da322daff5f26ce8999f0

    • SHA1

      463bb20ac7e8622658cb368a21f72bced9321ed2

    • SHA256

      0ef818fde1fd7dda048a15e007d0b6ac91991d33455f8484c7d711886f9dc48d

    • SHA512

      4ed43be169abf998b6d771bce80006d5776bb4198145720d6ae47e6a571b3c60614885159215c2e6ea32a2bbc454de7576fd46c6728cf15aadd1a1f1b74e99a6

    • SSDEEP

      768:I+0yWsg9lNj2wnziIBGWZlzCEuor6BvUA/TRatQ6pb8irQiWy+IUScmTzaYIDfbe:j0yK9lZiIBHvr+vZtezoirQiWLIUWbR

    Score
    10/10
    evasionpersistenceupx

    • Modifies firewall policy service

      evasion

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks