Overview

overview

8

Static

static

e27f5e85c8...cd.exe

windows7-x64

8

e27f5e85c8...cd.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e27f5e85c80827f822231afd547c521ad457d2e10a1e8e7d2d0f0896ac4d16cd

  • Size

    383KB

  • Sample

    221123-xre87aag5z

  • MD5

    4c2bfb17a9f005d2840a8d6c2cded378

  • SHA1

    95ccefb5f40f0bb04f4dd411c005679921438696

  • SHA256

    e27f5e85c80827f822231afd547c521ad457d2e10a1e8e7d2d0f0896ac4d16cd

  • SHA512

    81af07bdd3517db7f7042c3c531bf267f9e7785374c1e1fad2581e4a0bdc6262d23a00d17e1a35331807ea73683cfb9e78c16ad171e05507eadc2a2fd9ad1eee

  • SSDEEP

    6144:RFB84ncqC7P9Lw+Vi+vVWtIRORZos4sa6qjePhshhHIVmMComj6w4KYr82L6lN2m:NncqCblti2QXas4ReZsdSmxrj6w4uLlt

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      e27f5e85c80827f822231afd547c521ad457d2e10a1e8e7d2d0f0896ac4d16cd

    • Size

      383KB

    • MD5

      4c2bfb17a9f005d2840a8d6c2cded378

    • SHA1

      95ccefb5f40f0bb04f4dd411c005679921438696

    • SHA256

      e27f5e85c80827f822231afd547c521ad457d2e10a1e8e7d2d0f0896ac4d16cd

    • SHA512

      81af07bdd3517db7f7042c3c531bf267f9e7785374c1e1fad2581e4a0bdc6262d23a00d17e1a35331807ea73683cfb9e78c16ad171e05507eadc2a2fd9ad1eee

    • SSDEEP

      6144:RFB84ncqC7P9Lw+Vi+vVWtIRORZos4sa6qjePhshhHIVmMComj6w4KYr82L6lN2m:NncqCblti2QXas4ReZsdSmxrj6w4uLlt

    Score
    8/10
    persistenceupx

    • Modifies Installed Components in the registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks