General

  • Target

    d252fd433f41f4d0a17082401609c2d9823a2585f86ad722312c60d0303cd4ff

  • Size

    445KB

  • Sample

    221201-h612wafc42

  • MD5

    7e8adc4bc128eb1aa5a646374d86e3f0

  • SHA1

    b80b1009d832e0d1f2d8e143abd681efe54516d3

  • SHA256

    d252fd433f41f4d0a17082401609c2d9823a2585f86ad722312c60d0303cd4ff

  • SHA512

    f8a4b54ac722e7f0251da7d00167fa5b41916dd9d8b691f5db5019ccae219e7c6af0489fba6e567db3d95f4abccdb63130a2ac20173ec152a17bb23f124d73c4

  • SSDEEP

    12288:56XgJ8v6g3OR8+oq6wNifwe8H5loO2MUwB0kWYmcW:5SXV3Oy7Ikf25mlhNkWtX

Score
8/10
upx

Targets

    • Target

      TOXICF~1.EXE

    • Size

      205KB

    • MD5

      6cd97b2471d42968d6efd23f8b280e9e

    • SHA1

      7d9072bbd1a787c0df0945dad1ed1783ddc7d3c8

    • SHA256

      64c46726bcd448583e7da24c12866b5bfa2d79619d4d1c451a3510796664a4af

    • SHA512

      f92860d96b7e40df0da15212e2393c42cf68188ec08a37968707ae4ea2c85eae487823c2948c624ad45ec7b44f2e5a0b2303758ec265e3e513fe2b270559deb0

    • SSDEEP

      6144:dCbitvA8lUcv6Jvr03OWAgCC7RSk0poSN:dC+tvA8pv6e3OSCCFS5poSN

    Score
    8/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      TOXICF~2.EXE

    • Size

      434KB

    • MD5

      27887e0acf853f81a98a6d9b9e0aec6c

    • SHA1

      5d9b7ff1d4f4bbe8b95c19dc3104a71afb04ec53

    • SHA256

      8c8828648bc6af772d50709cc1b6d4cec3bea3a6606851f4b531da3536542b3e

    • SHA512

      6c71fc3d3fc384e516bf8b97ba6ba06a5978f3e74742aa70822c4929f5164dba57c73ac6991dde220eb00b600fe78c334531830cf8e66e22f82b03186df37304

    • SSDEEP

      6144:1RSKy9T8EeIBq2U2Ifnf/zydQRotRl56lZf7bPkLPI07KiY1de0:k9qbFXfby+RotR7gZP8Z7pYDe0

    Score
    8/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext
