General

  • Target

    1cd2c1b5a0a7130503482670bf57375faa87f06e9e50ca95e2aac18550883b1d

  • Size

    1.0MB

  • Sample

    221106-pbe99adadr

  • MD5

    0645e3ee516ab366f2ec30ab92f80c51

  • SHA1

    8b045dbf0d5982e83ea5a8b33a35e0cd0db0e55a

  • SHA256

    1cd2c1b5a0a7130503482670bf57375faa87f06e9e50ca95e2aac18550883b1d

  • SHA512

    6ce7809f51de180c6dc9fd6a3490b67c0021da2e2520b71cc98c7ef7b3be2f61ddf0196d39b287fa00a9de39c94f146772d13c3b6d9325a36b74da07d61c92b0

  • SSDEEP

    24576:3uhaBeZJ8NI8DerQZb+md4wmWOieZJ8NI8hh:YT8DerQZbd2P8n

Score
10/10

Malware Config

Targets

    Score
    10/10

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Executes dropped EXE

    • Sets file execution options in registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks