General

  • Target

    28fbf870dc15ebf6b30a07d2d0ede81902e5500386e8fec2bc4a68dc8f0d2f86

  • Size

    9.2MB

  • Sample

    221123-llyb2abf83

  • MD5

    16442805543b0c4afcf4cc9fa7f9a00b

  • SHA1

    e8ceefcc78f90c3359d08b32b1b93eaf9945f742

  • SHA256

    28fbf870dc15ebf6b30a07d2d0ede81902e5500386e8fec2bc4a68dc8f0d2f86

  • SHA512

    73713641ace976664df75b84657713af9f2276582e3382a799881f30cc1b4cf405e11b60444d7487ad72443977d17743fc9b9efc5d27090c790cc710d226c831

  • SSDEEP

    196608:l5bh6yMJ+hwI84+OSIaaTLshZtN8ILaAPE2XDYEWd6GVBUErdpCvOi3j6:l5FJe+HBRUtGILaAPE2XAUGVtCvrT

Score
9/10

Targets

    • Target

      28fbf870dc15ebf6b30a07d2d0ede81902e5500386e8fec2bc4a68dc8f0d2f86

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks for common network interception software

      Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL
