Overview

overview

8

Static

static

8

927f4ab837...c3.exe

windows7-x64

8

927f4ab837...c3.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    927f4ab837a4fcd706aa1b192b7229df6b0f6fb1c640ffad2c8440417528fbc3

  • Size

    18KB

  • Sample

    221201-zxw51aee3t

  • MD5

    d5d0d2b1f289647f74a36211660a6f55

  • SHA1

    5c940c14c07d5000245b4007b0cc5b42258247ca

  • SHA256

    927f4ab837a4fcd706aa1b192b7229df6b0f6fb1c640ffad2c8440417528fbc3

  • SHA512

    e3241f29e33c1c0166f78a489c5217e62ca38336b486e3fc04edf8094475f20d660519606b65ae3a5248c7d97eb58941cfbba07b5c0362de3ea3775aa738c581

  • SSDEEP

    384:GAhgmZVqbcbw+LXW50wHTXWkjSVpI8SYWlOsF1uc9kWBZxRvF70Gs1:G2gvcbw0wHTWkjYI89WlOsFoczZxRvFD

Score
8/10
discoveryupx

Malware Config

Targets

    • Target

      927f4ab837a4fcd706aa1b192b7229df6b0f6fb1c640ffad2c8440417528fbc3

    • Size

      18KB

    • MD5

      d5d0d2b1f289647f74a36211660a6f55

    • SHA1

      5c940c14c07d5000245b4007b0cc5b42258247ca

    • SHA256

      927f4ab837a4fcd706aa1b192b7229df6b0f6fb1c640ffad2c8440417528fbc3

    • SHA512

      e3241f29e33c1c0166f78a489c5217e62ca38336b486e3fc04edf8094475f20d660519606b65ae3a5248c7d97eb58941cfbba07b5c0362de3ea3775aa738c581

    • SSDEEP

      384:GAhgmZVqbcbw+LXW50wHTXWkjSVpI8SYWlOsF1uc9kWBZxRvF70Gs1:G2gvcbw0wHTWkjYI89WlOsFoczZxRvFD

    Score
    8/10
    discoveryupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks