Overview

overview

9

Static

static

8

bf19096b0a...92.exe

windows7-x64

9

bf19096b0a...92.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    bf19096b0aaf87547debb49be71f62f19ef45ef19569e3ac6c7765c542697892

  • Size

    1.1MB

  • Sample

    221125-parxnaaf5t

  • MD5

    3c1e3f2145e2122682ab9fe0084a4118

  • SHA1

    b65806b3a9c29ef15bd10c5874fa79bad51a9bc5

  • SHA256

    bf19096b0aaf87547debb49be71f62f19ef45ef19569e3ac6c7765c542697892

  • SHA512

    0053ec9643df89efc281fb13c2d8b4852880b89ca42d0d21c28d360cf44db32553cb1192b48bb1db25d2aafc4714030d224dd741b81405a164acbb1d9ac3563b

  • SSDEEP

    24576:lYGHNLuQJG/uzg8h68wXlV8OWa1VHv1hjcKQqNojw:lYIuQkGc8h68wXlVP1tjjcKQ0os

Score
9/10
persistenceupx

Malware Config

Targets

    • Target

      bf19096b0aaf87547debb49be71f62f19ef45ef19569e3ac6c7765c542697892

    • Size

      1.1MB

    • MD5

      3c1e3f2145e2122682ab9fe0084a4118

    • SHA1

      b65806b3a9c29ef15bd10c5874fa79bad51a9bc5

    • SHA256

      bf19096b0aaf87547debb49be71f62f19ef45ef19569e3ac6c7765c542697892

    • SHA512

      0053ec9643df89efc281fb13c2d8b4852880b89ca42d0d21c28d360cf44db32553cb1192b48bb1db25d2aafc4714030d224dd741b81405a164acbb1d9ac3563b

    • SSDEEP

      24576:lYGHNLuQJG/uzg8h68wXlV8OWa1VHv1hjcKQqNojw:lYIuQkGc8h68wXlVP1tjjcKQ0os

    Score
    9/10
    upxpersistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks