Overview

overview

9

Static

static

1

b50be4a1e9...6b.exe

windows7-x64

9

b50be4a1e9...6b.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b50be4a1e9bd80cacb43acdb4832bf9be8636f9575c3a1679520cb84e982626b

  • Size

    11.4MB

  • Sample

    221123-lkr4mabf39

  • MD5

    f3bb4817fc316d873b5c867ed3321848

  • SHA1

    1091a4a944da44a7b802eed8ebc4837364313e47

  • SHA256

    b50be4a1e9bd80cacb43acdb4832bf9be8636f9575c3a1679520cb84e982626b

  • SHA512

    498937273a7720407badd583074efee2836847b750256089dbc0dca3810b1184214585c8c1afc53fb8c36a69363acf73f5d4053521bbee83081da7ba6c309048

  • SSDEEP

    196608:33GpQ2sa1HRAvclOd+RSF5obnBLJ3Ee/lrlb9cqKovnrhaZ7hJMmI2XR/aQmQzj6:3i11H6j+RXr1JUErd3b1aNhKmI2VpZj6

Score
9/10
evasionupx

Malware Config

Targets

    • Target

      b50be4a1e9bd80cacb43acdb4832bf9be8636f9575c3a1679520cb84e982626b

    • Size

      11.4MB

    • MD5

      f3bb4817fc316d873b5c867ed3321848

    • SHA1

      1091a4a944da44a7b802eed8ebc4837364313e47

    • SHA256

      b50be4a1e9bd80cacb43acdb4832bf9be8636f9575c3a1679520cb84e982626b

    • SHA512

      498937273a7720407badd583074efee2836847b750256089dbc0dca3810b1184214585c8c1afc53fb8c36a69363acf73f5d4053521bbee83081da7ba6c309048

    • SSDEEP

      196608:33GpQ2sa1HRAvclOd+RSF5obnBLJ3Ee/lrlb9cqKovnrhaZ7hJMmI2XR/aQmQzj6:3i11H6j+RXr1JUErd3b1aNhKmI2VpZj6

    Score
    9/10
    evasionupx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks for common network interception software

      Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

      evasion

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks