Overview

overview

8

Static

static

de89355883...33.dll

windows7-x64

8

de89355883...33.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    de89355883c6e75e912fd9d30a408e11707e6ce8bab1c3cc810dd93a3e3af933

  • Size

    100KB

  • Sample

    221107-l2cehadcar

  • MD5

    06b4d80b33f9383ddc4f2b03f0269a00

  • SHA1

    bb8ddc6d59feb9ce62f2a26b8008161fdac11cd2

  • SHA256

    de89355883c6e75e912fd9d30a408e11707e6ce8bab1c3cc810dd93a3e3af933

  • SHA512

    cf7bfe5ea7067340b00589408699e44d2cd2cf496e0afdea44448d24b887a24bf16b3f4d30e2b1f2d28bae93f3c5cffdf4bac20ede444ab5b8e55d694ca552d6

  • SSDEEP

    3072:MJhn8yXaW+FSgBylUEtCTK3eK7WPUhzoIqWFzJE31My:MJhKbYZ6PRQY6

Score
8/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      de89355883c6e75e912fd9d30a408e11707e6ce8bab1c3cc810dd93a3e3af933

    • Size

      100KB

    • MD5

      06b4d80b33f9383ddc4f2b03f0269a00

    • SHA1

      bb8ddc6d59feb9ce62f2a26b8008161fdac11cd2

    • SHA256

      de89355883c6e75e912fd9d30a408e11707e6ce8bab1c3cc810dd93a3e3af933

    • SHA512

      cf7bfe5ea7067340b00589408699e44d2cd2cf496e0afdea44448d24b887a24bf16b3f4d30e2b1f2d28bae93f3c5cffdf4bac20ede444ab5b8e55d694ca552d6

    • SSDEEP

      3072:MJhn8yXaW+FSgBylUEtCTK3eK7WPUhzoIqWFzJE31My:MJhKbYZ6PRQY6

    Score
    8/10
    discoverypersistenceupx

    • Blocklisted process makes network request

    • Sets DLL path for service in the registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks