Overview

overview

10

Static

static

8

520fbbd62f...f1.exe

windows7-x64

10

520fbbd62f...f1.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    520fbbd62f94f3302af6b1624a4998188b6fcf9a4a51f7474d5c04dc124690f1

  • Size

    1.5MB

  • Sample

    221124-ftnjxabb65

  • MD5

    3897a3b788af621a5a7dbafa03fbb9ee

  • SHA1

    17ef1d92916a8ceaadb24c01e142baecb7462d51

  • SHA256

    520fbbd62f94f3302af6b1624a4998188b6fcf9a4a51f7474d5c04dc124690f1

  • SHA512

    4c69f5da0f459714a20a0817b72f20ff381a2152eb3f58358abe977b0b78a632bd7036cbc1a558d5eed6a9634cd08beb06644fc82e4072dd08301c2da465cdfe

  • SSDEEP

    24576:aOMeZJ8NI8TO2OMeZJ8NI8TO2OMeZJ8NI8TOq:l8U8U8J

Score
10/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      520fbbd62f94f3302af6b1624a4998188b6fcf9a4a51f7474d5c04dc124690f1

    • Size

      1.5MB

    • MD5

      3897a3b788af621a5a7dbafa03fbb9ee

    • SHA1

      17ef1d92916a8ceaadb24c01e142baecb7462d51

    • SHA256

      520fbbd62f94f3302af6b1624a4998188b6fcf9a4a51f7474d5c04dc124690f1

    • SHA512

      4c69f5da0f459714a20a0817b72f20ff381a2152eb3f58358abe977b0b78a632bd7036cbc1a558d5eed6a9634cd08beb06644fc82e4072dd08301c2da465cdfe

    • SSDEEP

      24576:aOMeZJ8NI8TO2OMeZJ8NI8TO2OMeZJ8NI8TOq:l8U8U8J

    Score
    10/10
    evasionpersistenceupx

    • Modifies visibility of file extensions in Explorer

      evasion

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

      evasion

    • Executes dropped EXE

    • Sets file execution options in registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks