General

  • Target

    27e8196401b04c0d1845152be0877094e57397f509bed8046b36e1b1029820aa

  • Size

    112KB

  • Sample

    221020-l2mv8sggd7

  • MD5

    80677edda94f587779997e7d3b47365e

  • SHA1

    a774b737c1981d36171464371fd43703b3661392

  • SHA256

    27e8196401b04c0d1845152be0877094e57397f509bed8046b36e1b1029820aa

  • SHA512

    512ba6e18eff909b93729c933ccb6860290b27f7a4b29b3024837caa6cee4bbe0531b78d31699d0c6b236882fe0d4988fc8bd471eb26396f788faccc798858c6

  • SSDEEP

    1536:+T4q/5kwYvNcWNl4MfCCpYwlgNPQ6fF+K0g1yBubzFkh34SGDLHI:HlGlog1yBub5DfI

Score
8/10

Targets

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Suspicious use of SetThreadContext
