General

  • Target

    31d6bc05b46bd28dc96841b29a0e4c4d3d216b3c6cfc7e73739b43a4db7c708b

  • Size

    4.2MB

  • Sample

    221125-pvfp5aca91

  • MD5

    4144eceb2d604a9c49136b37882c6571

  • SHA1

    b11b544bb855ca9031e8dac631430a43e18cc5f6

  • SHA256

    31d6bc05b46bd28dc96841b29a0e4c4d3d216b3c6cfc7e73739b43a4db7c708b

  • SHA512

    a0ee433ee08febda5d1f54803dd9dcc57b5190ff473179f9cb4d77e5c779f15e4835581f9cf6ac08146a04f3381aae3fec48670fe2bc302b98755e3de9e367f2

  • SSDEEP

    98304:o0Y8/WnxdzoUPsUV7HSLB65zYUUmqauxDTzkw:i8/afoUPswa65VUFxfX

Score
9/10
upx

Targets

    • Target

      COP AIM Warface.exe

    • Size

      8.8MB

    • MD5

      3ce615dbc5713d258ef7cec810c007b5

    • SHA1

      5395be3e12248b721a9cecb154daf30c01b639a8

    • SHA256

      6a7d8860655cc9d9130e0df29b76b3a6a86f980317f8d9c3cfda9b777ca1da2d

    • SHA512

      79a0095bb0d1499e52c323df5af07fb210580c08882ecb2f7daa44c99d450d5418db19f7e0bf0f7c31e4820cfcd64752a1d1879be200f9ef1cbc7875e5b26531

    • SSDEEP

      196608:AwEu5F+F+F+F+F+F+F+F+F+F+F+F+F+F+F+F+FA5yBmcV54QSf2/y6m7bNJ:ABTm54T2/Nen

    Score
    9/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
