Overview

overview

8

Static

static

8

c6d6145b9c...50.exe

windows7-x64

8

c6d6145b9c...50.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    c6d6145b9c9efb4c4795d6afa29afc15a5b29f3d34b32e5890c12deda1550e50

  • Size

    87KB

  • Sample

    221129-r2mhcshe79

  • MD5

    70c62148aa49fb9e6f4313acaf80bf8f

  • SHA1

    f8f8fffcd3f081597158ec575bb8a3d572d15dbb

  • SHA256

    c6d6145b9c9efb4c4795d6afa29afc15a5b29f3d34b32e5890c12deda1550e50

  • SHA512

    6633ae58f53a71bc3ba4d76688be95d68ec47155fdded09a8210814201970ecaf889e64499bf93883ed408e5eea41b56f69a5e8031c1754a27dd9f381e026f53

  • SSDEEP

    1536:oj+LTxq5PK5KfS+Zb2Lu1s67su6jMRmH+MhCiPWBg:LT/55OCLuvYVjHe2PWBg

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      c6d6145b9c9efb4c4795d6afa29afc15a5b29f3d34b32e5890c12deda1550e50

    • Size

      87KB

    • MD5

      70c62148aa49fb9e6f4313acaf80bf8f

    • SHA1

      f8f8fffcd3f081597158ec575bb8a3d572d15dbb

    • SHA256

      c6d6145b9c9efb4c4795d6afa29afc15a5b29f3d34b32e5890c12deda1550e50

    • SHA512

      6633ae58f53a71bc3ba4d76688be95d68ec47155fdded09a8210814201970ecaf889e64499bf93883ed408e5eea41b56f69a5e8031c1754a27dd9f381e026f53

    • SSDEEP

      1536:oj+LTxq5PK5KfS+Zb2Lu1s67su6jMRmH+MhCiPWBg:LT/55OCLuvYVjHe2PWBg

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks