General

  • Target

    c1877fefa13a1104da580d732e1e70eaa57542257bd251a768ddb1ba1258fa1d

  • Size

    8.4MB

  • Sample

    221121-26tgksba55

  • MD5

    8560987c49a0dd4cb88cc3a090d25ca7

  • SHA1

    d4fb469825a3a40c8df3ab8dc3fcddddb367fa47

  • SHA256

    c1877fefa13a1104da580d732e1e70eaa57542257bd251a768ddb1ba1258fa1d

  • SHA512

    da26b1fa29b60cdf2714fe863f7359c9b33469b7c40f32afc4eae7a0e5f9e199f0c00fa9ca63d5d03702f1cfd0af824210c65c9504da023f5030efe905822af1

  • SSDEEP

    196608:365Vh7xuIrDU/rEr7vd791Dl3KrEFEnFP5QLw3u:+7xuIPf7FRhpsEOFSm

Score
9/10

Targets

    • Target

      c1877fefa13a1104da580d732e1e70eaa57542257bd251a768ddb1ba1258fa1d

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks for common network interception software

      Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL
