Overview

overview

8

Static

static

8

5279d8bf11...be.exe

windows7-x64

8

5279d8bf11...be.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5279d8bf11898ff921d0ec471995dea733311fc5ab6e8c77a77512599934e7be

  • Size

    27KB

  • Sample

    221129-z54j2sca9s

  • MD5

    20500268557f9ad6dafc78e6a11ad230

  • SHA1

    c282226d5324456d84e66664993a6409f1930048

  • SHA256

    5279d8bf11898ff921d0ec471995dea733311fc5ab6e8c77a77512599934e7be

  • SHA512

    96b7f139ab27af90765865a8c887eed6ea0302cdeede05b44d394bcbc40f2d8025f40e3036ce718a1656c20e3adef6962dd4e5970cf29f755716e0b5b627dee2

  • SSDEEP

    768:p+Aj5O+/Zh7oI6LDg02e9pzitFrswMJSLLb4M:TOEqIWgzeP+FyJab4M

Score
8/10
discoveryexploitupx

Malware Config

Targets

    • Target

      5279d8bf11898ff921d0ec471995dea733311fc5ab6e8c77a77512599934e7be

    • Size

      27KB

    • MD5

      20500268557f9ad6dafc78e6a11ad230

    • SHA1

      c282226d5324456d84e66664993a6409f1930048

    • SHA256

      5279d8bf11898ff921d0ec471995dea733311fc5ab6e8c77a77512599934e7be

    • SHA512

      96b7f139ab27af90765865a8c887eed6ea0302cdeede05b44d394bcbc40f2d8025f40e3036ce718a1656c20e3adef6962dd4e5970cf29f755716e0b5b627dee2

    • SSDEEP

      768:p+Aj5O+/Zh7oI6LDg02e9pzitFrswMJSLLb4M:TOEqIWgzeP+FyJab4M

    Score
    8/10
    discoveryexploitupx

    • Possible privilege escalation attempt

      exploit

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Deletes itself

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Permissions Modification

1
T1222

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks