General

  • Target

    ad91cfe18d11b51abeb4ee1c9e15729413feff0873ea46918770daee6c717abb

  • Size

    10.7MB

  • Sample

    221128-a9qrbaca92

  • MD5

    05dc5b665582d6f8411f39e6b74a8703

  • SHA1

    a6588f8e37c9ddeb0374ab0e431e098350e7ee67

  • SHA256

    ad91cfe18d11b51abeb4ee1c9e15729413feff0873ea46918770daee6c717abb

  • SHA512

    aaaeee7fef0242fd63a343e3895e9a692b784e9d7d2a85c388aa7c4503d5395e3cda3a0ce2b0ba4c9e3950d5446eeb6daf256b32d6831b9309ee898faf3ed1c0

  • SSDEEP

    196608:HDABj/fVV1JyxupNLOt2EU1K6UNP85R0RlTGVgwaxj0qFU1G2Pfm:A/fhYoHuMarTGVgTFIG2Pf

Score
9/10

Targets

    • Target

      ad91cfe18d11b51abeb4ee1c9e15729413feff0873ea46918770daee6c717abb

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks for common network interception software

      Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL
