Overview

overview

8

Static

static

92cd482cb1...4b.exe

windows7-x64

8

92cd482cb1...4b.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    92cd482cb1d108db2bc1b4ea875b5487dabbe38d25693f5395eb92fbf183564b

  • Size

    341KB

  • Sample

    221201-zw3ldsed6x

  • MD5

    e7f1e1844a13fbd461213f819c6d1f2a

  • SHA1

    4b9acef686815297d9e5ae67a7fc06911b82e103

  • SHA256

    92cd482cb1d108db2bc1b4ea875b5487dabbe38d25693f5395eb92fbf183564b

  • SHA512

    60298a1c06cc05732a1d091fc4f2c3ae3f8e6004008910bb71a757d9f6deae538af67b5a893fa9b8388f5bbc47b9573ef9125e97958fffd920b9f61e33d45a9b

  • SSDEEP

    6144:X/i4AJyD+YMqErSZTRZkQpOnzCJvvN0+cLpNaoMvZ98KoJBmVvSG1ZqSyp:WJJqrOENUNFG98KomVRZqSC

Score
8/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      92cd482cb1d108db2bc1b4ea875b5487dabbe38d25693f5395eb92fbf183564b

    • Size

      341KB

    • MD5

      e7f1e1844a13fbd461213f819c6d1f2a

    • SHA1

      4b9acef686815297d9e5ae67a7fc06911b82e103

    • SHA256

      92cd482cb1d108db2bc1b4ea875b5487dabbe38d25693f5395eb92fbf183564b

    • SHA512

      60298a1c06cc05732a1d091fc4f2c3ae3f8e6004008910bb71a757d9f6deae538af67b5a893fa9b8388f5bbc47b9573ef9125e97958fffd920b9f61e33d45a9b

    • SSDEEP

      6144:X/i4AJyD+YMqErSZTRZkQpOnzCJvvN0+cLpNaoMvZ98KoJBmVvSG1ZqSyp:WJJqrOENUNFG98KomVRZqSC

    Score
    8/10
    evasionpersistenceupx

    • Disables Task Manager via registry modification

      evasion

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks