Overview

overview

9

Static

static

1

d51bd8d643...bd.exe

windows7-x64

9

d51bd8d643...bd.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d51bd8d643a069051c99d31fbee39edf0da2f011d6bd757c846e721cdcaa43bd

  • Size

    11.1MB

  • Sample

    221123-ll6cmsfb5w

  • MD5

    a0178f46fd38fc7ac7a19aedb2a505c9

  • SHA1

    82c2940d59350dbbc3243c11d8a9eeb121087a7a

  • SHA256

    d51bd8d643a069051c99d31fbee39edf0da2f011d6bd757c846e721cdcaa43bd

  • SHA512

    70905fb4ff1d18b070847376587197c3ab0a727abf509bd1365450180295b605be9fa4a1e87959a3e914a363142ccce25fda49e17f89f62a28caa1a07863a0e8

  • SSDEEP

    196608:0D64qmKGaWpTn6gk8xF5QpcNgKTmCw7dJhj+XilgLNo6c+loAVm51lQD9WH+tnlR:0jt5aSMot6KTmC4j+Slge6eOY1J8R

Score
9/10
evasionupx

Malware Config

Targets

    • Target

      d51bd8d643a069051c99d31fbee39edf0da2f011d6bd757c846e721cdcaa43bd

    • Size

      11.1MB

    • MD5

      a0178f46fd38fc7ac7a19aedb2a505c9

    • SHA1

      82c2940d59350dbbc3243c11d8a9eeb121087a7a

    • SHA256

      d51bd8d643a069051c99d31fbee39edf0da2f011d6bd757c846e721cdcaa43bd

    • SHA512

      70905fb4ff1d18b070847376587197c3ab0a727abf509bd1365450180295b605be9fa4a1e87959a3e914a363142ccce25fda49e17f89f62a28caa1a07863a0e8

    • SSDEEP

      196608:0D64qmKGaWpTn6gk8xF5QpcNgKTmCw7dJhj+XilgLNo6c+loAVm51lQD9WH+tnlR:0jt5aSMot6KTmC4j+Slge6eOY1J8R

    Score
    9/10
    evasionupx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks for common network interception software

      Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

      evasion

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks