Overview

overview

8

Static

static

ed6b989816...39.exe

windows7-x64

8

ed6b989816...39.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    ed6b989816f760553406d40d1d707564d1108a7b1e40dd259986e221cd6ce539

  • Size

    404KB

  • Sample

    221028-1evpwsgfcm

  • MD5

    0c92b8f9d2b6669fc927f6dd01d58b1d

  • SHA1

    cea00b2aa6424a7373c6aba58e2a75fb4d8b40ed

  • SHA256

    ed6b989816f760553406d40d1d707564d1108a7b1e40dd259986e221cd6ce539

  • SHA512

    68f7d36b9b9c4ca7c2d5190b00eef360cd864707a1fc1a1437a2cf25eef2fa14fefe4bbaa09d767cc00bfd5a75f0cf05b6aae0fe2583669d2cfda1e8c515df60

  • SSDEEP

    6144:j2gwBlB8an7MrQYbUc6THBuTq7KvxgCoZ7WWlqwncr+wBdF7bDJG:662HYH6TBMq7KvxhoZC8n0+wBdFP1G

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      ed6b989816f760553406d40d1d707564d1108a7b1e40dd259986e221cd6ce539

    • Size

      404KB

    • MD5

      0c92b8f9d2b6669fc927f6dd01d58b1d

    • SHA1

      cea00b2aa6424a7373c6aba58e2a75fb4d8b40ed

    • SHA256

      ed6b989816f760553406d40d1d707564d1108a7b1e40dd259986e221cd6ce539

    • SHA512

      68f7d36b9b9c4ca7c2d5190b00eef360cd864707a1fc1a1437a2cf25eef2fa14fefe4bbaa09d767cc00bfd5a75f0cf05b6aae0fe2583669d2cfda1e8c515df60

    • SSDEEP

      6144:j2gwBlB8an7MrQYbUc6THBuTq7KvxgCoZ7WWlqwncr+wBdF7bDJG:662HYH6TBMq7KvxhoZC8n0+wBdFP1G

    Score
    8/10
    upxpersistence

    • Adds policy Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks