Overview

overview

8

Static

static

8

9cc25ee60c...77.exe

windows7-x64

8

9cc25ee60c...77.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    9cc25ee60cf8d5c4361720c2378fbc402dc2870e5c673ca3ffe6c10945850a77

  • Size

    12.6MB

  • Sample

    221127-17dl3scg78

  • MD5

    d6923453ff195e1b51be0b58ecc43049

  • SHA1

    e31784b46595c129355619036503460e019d10ca

  • SHA256

    9cc25ee60cf8d5c4361720c2378fbc402dc2870e5c673ca3ffe6c10945850a77

  • SHA512

    4080dc0d5557d109b1fb10a407c1be6963d516099facb683d9453825c5e1ca637998d00c76814344987ef1c7a80cc3c3b408a9a29b62a985004a99e23b29d854

  • SSDEEP

    12288:xv+wNJMrYlD+Q0MgYLlr1V2g6RN5JFyNNNqOq0iFxeBn0OoSd4aRrYKT:xWC4Y1cYLlr1x6RbaSgOxeirK4aRE

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      9cc25ee60cf8d5c4361720c2378fbc402dc2870e5c673ca3ffe6c10945850a77

    • Size

      12.6MB

    • MD5

      d6923453ff195e1b51be0b58ecc43049

    • SHA1

      e31784b46595c129355619036503460e019d10ca

    • SHA256

      9cc25ee60cf8d5c4361720c2378fbc402dc2870e5c673ca3ffe6c10945850a77

    • SHA512

      4080dc0d5557d109b1fb10a407c1be6963d516099facb683d9453825c5e1ca637998d00c76814344987ef1c7a80cc3c3b408a9a29b62a985004a99e23b29d854

    • SSDEEP

      12288:xv+wNJMrYlD+Q0MgYLlr1V2g6RN5JFyNNNqOq0iFxeBn0OoSd4aRrYKT:xWC4Y1cYLlr1x6RbaSgOxeirK4aRE

    Score
    8/10
    upxpersistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Checks for any installed AV software in registry

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks