Overview

overview

8

Static

static

b7a196cd79...8c.exe

windows7-x64

8

b7a196cd79...8c.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b7a196cd79608e4436637512ce7b6944e70a43c0b402c2449bf9fdd9abb5608c

  • Size

    213KB

  • Sample

    221203-1k6pcagc85

  • MD5

    4a1a5879dc50ea99e88da5f3f2f31028

  • SHA1

    c50ee83873194c1463b0eb8aae03057ca87cc110

  • SHA256

    b7a196cd79608e4436637512ce7b6944e70a43c0b402c2449bf9fdd9abb5608c

  • SHA512

    8fb61680985fe1c0e9e067b48faf18e9a4e51851c637a1d350ef0ee0225d38269c72b01e7c2aa3f6a9ba2c22e38a8d51b2782adc6543b258472a574f542a9ab0

  • SSDEEP

    6144:v+ouZ4MWt9KK6nyocU9xQR9JWO8u1leDlYK:I4MW7K7yRU9xUnWySDlYK

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      b7a196cd79608e4436637512ce7b6944e70a43c0b402c2449bf9fdd9abb5608c

    • Size

      213KB

    • MD5

      4a1a5879dc50ea99e88da5f3f2f31028

    • SHA1

      c50ee83873194c1463b0eb8aae03057ca87cc110

    • SHA256

      b7a196cd79608e4436637512ce7b6944e70a43c0b402c2449bf9fdd9abb5608c

    • SHA512

      8fb61680985fe1c0e9e067b48faf18e9a4e51851c637a1d350ef0ee0225d38269c72b01e7c2aa3f6a9ba2c22e38a8d51b2782adc6543b258472a574f542a9ab0

    • SSDEEP

      6144:v+ouZ4MWt9KK6nyocU9xQR9JWO8u1leDlYK:I4MW7K7yRU9xUnWySDlYK

    Score
    8/10
    persistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks