Overview

overview

10

Static

static

8

8b5970c2af...62.exe

windows7-x64

8

8b5970c2af...62.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8b5970c2af9a6efb03f65ab1e3f8db148051f7f19a0606200f1667cfdb6ae662

  • Size

    571KB

  • Sample

    221123-w8b3eseb47

  • MD5

    2d3436290e7ef1f13b4cc162302f8e22

  • SHA1

    69edf9f904d9b25541141e3c624a11b5ad0d8f0d

  • SHA256

    8b5970c2af9a6efb03f65ab1e3f8db148051f7f19a0606200f1667cfdb6ae662

  • SHA512

    eaa6962c0d0b8f48028e3f3edd877ac62bf15327f5af47e8ea64a0bd00559692b73aae9611aa7337a2da2e0b237298cef07a9cfaf2b0f6018c732df5207c0847

  • SSDEEP

    12288:9ttIoYmJRgB88oYW50mtXbqImFlmjNTeI9cLhSw2C:9tYboYW50ymRR2C

Score
10/10
persistenceupx

Malware Config

Targets

    • Target

      8b5970c2af9a6efb03f65ab1e3f8db148051f7f19a0606200f1667cfdb6ae662

    • Size

      571KB

    • MD5

      2d3436290e7ef1f13b4cc162302f8e22

    • SHA1

      69edf9f904d9b25541141e3c624a11b5ad0d8f0d

    • SHA256

      8b5970c2af9a6efb03f65ab1e3f8db148051f7f19a0606200f1667cfdb6ae662

    • SHA512

      eaa6962c0d0b8f48028e3f3edd877ac62bf15327f5af47e8ea64a0bd00559692b73aae9611aa7337a2da2e0b237298cef07a9cfaf2b0f6018c732df5207c0847

    • SSDEEP

      12288:9ttIoYmJRgB88oYW50mtXbqImFlmjNTeI9cLhSw2C:9tYboYW50ymRR2C

    Score
    10/10
    upxpersistence

    • Modifies WinLogon for persistence

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks