Overview

overview

8

Static

static

1951d17bb5...8f.exe

windows7-x64

8

1951d17bb5...8f.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    1951d17bb564b9a94d4d36feb5d2055ba2a4439a4a386e791d53ef5d75c7768f

  • Size

    71KB

  • Sample

    221029-bb8d5sedd3

  • MD5

    0065f11bb8c4bc961676631925f3e5d8

  • SHA1

    404305c76ddcf92da3fb5df9e1093d16d8298595

  • SHA256

    1951d17bb564b9a94d4d36feb5d2055ba2a4439a4a386e791d53ef5d75c7768f

  • SHA512

    05ab1f7de12c99433370b959d4b3d26f6018984643268c1bb4bb068423bc9dcc1c9e52a83cf228b456f48176ebed34ecd3387b96f5ed7d01dd44e42e294e1ab1

  • SSDEEP

    1536:3yqRQ0geIatV/lsaQUAHszZo3PeLfADXIIiiM:zy/atVU9lII7II1M

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      1951d17bb564b9a94d4d36feb5d2055ba2a4439a4a386e791d53ef5d75c7768f

    • Size

      71KB

    • MD5

      0065f11bb8c4bc961676631925f3e5d8

    • SHA1

      404305c76ddcf92da3fb5df9e1093d16d8298595

    • SHA256

      1951d17bb564b9a94d4d36feb5d2055ba2a4439a4a386e791d53ef5d75c7768f

    • SHA512

      05ab1f7de12c99433370b959d4b3d26f6018984643268c1bb4bb068423bc9dcc1c9e52a83cf228b456f48176ebed34ecd3387b96f5ed7d01dd44e42e294e1ab1

    • SSDEEP

      1536:3yqRQ0geIatV/lsaQUAHszZo3PeLfADXIIiiM:zy/atVU9lII7II1M

    Score
    8/10
    persistenceupx

    • Adds policy Run key to start application

      persistence

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks