Overview

overview

10

Static

static

8

8ce5f55eed...dc.exe

windows7-x64

8

8ce5f55eed...dc.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8ce5f55eed5141ae2f20761fd2abecf129a7531e86806712de11ba1f78a9a4dc

  • Size

    124KB

  • Sample

    221130-rbk7lsff66

  • MD5

    6365ac4374f1571d9dba5f4c266d98e3

  • SHA1

    f1b05939d63e3d5ba5aee6574ccdffafedc7fd4c

  • SHA256

    8ce5f55eed5141ae2f20761fd2abecf129a7531e86806712de11ba1f78a9a4dc

  • SHA512

    8f59740dd191c489ee4d2fce9aab3e0fc48b77f409e562a59a3826b823ef5c04f486c6b3d29526c00a82ffe19266b606c1144cd054149971bada37bb2476c419

  • SSDEEP

    1536:yHrPsIbYmbLLSO2KUhA/th/6hHFTje1hoRA2iMRRMFJC3ZoesaTvmeR/:yHrfZq7Er+i1yiMRRMEoessHx

Score
10/10
evasionpersistencetrojanupx

Malware Config

Targets

    • Target

      8ce5f55eed5141ae2f20761fd2abecf129a7531e86806712de11ba1f78a9a4dc

    • Size

      124KB

    • MD5

      6365ac4374f1571d9dba5f4c266d98e3

    • SHA1

      f1b05939d63e3d5ba5aee6574ccdffafedc7fd4c

    • SHA256

      8ce5f55eed5141ae2f20761fd2abecf129a7531e86806712de11ba1f78a9a4dc

    • SHA512

      8f59740dd191c489ee4d2fce9aab3e0fc48b77f409e562a59a3826b823ef5c04f486c6b3d29526c00a82ffe19266b606c1144cd054149971bada37bb2476c419

    • SSDEEP

      1536:yHrPsIbYmbLLSO2KUhA/th/6hHFTje1hoRA2iMRRMFJC3ZoesaTvmeR/:yHrfZq7Er+i1yiMRRMEoessHx

    Score
    10/10
    persistenceupxevasiontrojan

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Windows security bypass

      evasiontrojan

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks