Overview

overview

8

Static

static

8

590cb35f24...d1.exe

windows7-x64

8

590cb35f24...d1.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    590cb35f24a59f345de0adb31ff7973b6f7527ca521b6afe79a9009ec739f7d1

  • Size

    48KB

  • Sample

    221124-p6b63shf9t

  • MD5

    ec305f944938c9895d807da79c85b219

  • SHA1

    ebbb52c4b5e5cd85fa1fc1685bcf514fa4f707f6

  • SHA256

    590cb35f24a59f345de0adb31ff7973b6f7527ca521b6afe79a9009ec739f7d1

  • SHA512

    3a54907f28a60cb364ab91aff8eac36d73ae34e3d189ba2854329169cc8c65fcf3cc92cca5950787c8ed308bf307dba9ccc118365b56bd10570c9344a314a85d

  • SSDEEP

    768:jv8IRRdsxq1DjJcqOVBLUvTd2wmDkuBgs5vY2HJvqRTkoCmq1UrHPR1:DxRTsxq1DjCBBLUrGaeva1CmRrHL

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      590cb35f24a59f345de0adb31ff7973b6f7527ca521b6afe79a9009ec739f7d1

    • Size

      48KB

    • MD5

      ec305f944938c9895d807da79c85b219

    • SHA1

      ebbb52c4b5e5cd85fa1fc1685bcf514fa4f707f6

    • SHA256

      590cb35f24a59f345de0adb31ff7973b6f7527ca521b6afe79a9009ec739f7d1

    • SHA512

      3a54907f28a60cb364ab91aff8eac36d73ae34e3d189ba2854329169cc8c65fcf3cc92cca5950787c8ed308bf307dba9ccc118365b56bd10570c9344a314a85d

    • SSDEEP

      768:jv8IRRdsxq1DjJcqOVBLUvTd2wmDkuBgs5vY2HJvqRTkoCmq1UrHPR1:DxRTsxq1DjCBBLUrGaeva1CmRrHL

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Install Root Certificate

1
T1130

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks