General

  • Target

    cc4810e3f3278b3b60e99dad5bedb7597e9a70d707b3dbba6e82c49a2e1ef72d

  • Size

    206KB

  • Sample

    221203-3ftv4aeh83

  • MD5

    a35d45cc93bd866f9a06c75939023cf7

  • SHA1

    d823d0a4bee7d38318ba03842962e25624e8b39f

  • SHA256

    cc4810e3f3278b3b60e99dad5bedb7597e9a70d707b3dbba6e82c49a2e1ef72d

  • SHA512

    e10e9ea55ac3d3e853380141df1baf541b1ceb07e7acf96f452c42b3fc6e2553c0dd7b08b09599ee19539e014faac16b5e5af15b1ef8fff78683ac079ec336bf

  • SSDEEP

    6144:XEtB2/V0RC1/u2SGuW4o+SJuf/a1zjdHUkNDa3tK:XU8/Vx/u2Ju7lUzjpUEDWt

Score
8/10

Targets

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build (renamed sections, patched stub). Packing hides the real imports and strings from static scanners until the sample is unpacked.

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • Maps connected drives based on registry

      Drive and disk information is often read to fingerprint a sandbox or virtual machine before the payload runs.

    • Suspicious use of SetThreadContext

      Calling SetThreadContext on a thread of another process is the usual way to redirect execution into injected code (process hollowing), which fits the dropped-EXE and dropped-DLL indicators above.
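Checking the identifiers listed under General and the "UPX packed file" signature above, as an added example (this is not Triage's code): the script recomputes a file's hashes and compares them with the values in this report, then parses the PE section table for the UPX0/UPX1 names that a simple UPX check keys on. ssdeep is omitted because it needs a third-party library. The sample is not included here, so build_fake_pe() constructs a minimal header-only PE for offline use; against anything but the real file the hash comparison reports mismatches, which is the point of the check.

```python
"""Offline triage helper: verify a sample's hashes against a sandbox report
and look for UPX section names. Added example, not Triage's own code."""
import hashlib
import struct

# Hash values copied from the report above.
REPORT_HASHES = {
    "md5": "a35d45cc93bd866f9a06c75939023cf7",
    "sha1": "d823d0a4bee7d38318ba03842962e25624e8b39f",
    "sha256": "cc4810e3f3278b3b60e99dad5bedb7597e9a70d707b3dbba6e82c49a2e1ef72d",
    "sha512": "e10e9ea55ac3d3e853380141df1baf541b1ceb07e7acf96f452c42b3fc6e2553"
              "c0dd7b08b09599ee19539e014faac16b5e5af15b1ef8fff78683ac079ec336bf",
}

# Section names written by stock UPX builds. A modified UPX can rename them,
# so a miss here only means "not obviously UPX".
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b".UPX0", b".UPX1"}


def verify_hashes(data: bytes, expected: dict) -> dict:
    """Return {algorithm: True/False} for every digest listed in `expected`."""
    return {algo: hashlib.new(algo, data).hexdigest() == want.lower()
            for algo, want in expected.items()}


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table and
    return the section names with trailing NULs stripped."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    if coff + 20 > len(data):
        raise ValueError("truncated COFF header")
    _machine, nsections, _ts, _psym, _nsym, opt_size, _chars = \
        struct.unpack_from("<HHIIIHH", data, coff)
    table = coff + 20 + opt_size          # section headers follow the optional header
    names = []
    for i in range(nsections):
        off = table + 40 * i              # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            raise ValueError("truncated section table")
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Cheap packer check: True if any section carries a UPX name."""
    return any(n in UPX_SECTION_NAMES for n in pe_section_names(data))


def build_fake_pe(section_names) -> bytes:
    """Constructed header-only PE image (no code) so the checks run offline."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)   # e_lfanew: PE header right after DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    sections = b"".join(
        struct.pack("<8sIIIIIIHHI", n.ljust(8, b"\0"), 0, 0, 0, 0, 0, 0, 0, 0, 0x60000020)
        for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + sections


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            sample = f.read()
    else:
        sample = build_fake_pe([b"UPX0", b"UPX1", b".rsrc"])   # constructed stand-in
    print("hash match vs report:", verify_hashes(sample, REPORT_HASHES))
    print("UPX section names present:", looks_upx_packed(sample))
```

Run with the sample path as the only argument to compare a local copy against the report; with no argument it exercises the constructed PE. Any False in the hash result means the file on disk is not the artefact this report describes.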

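The behavioural signatures listed under Targets are, in practice, rules over the API trace the sandbox records. As an added example (not Triage's detection code, and not this sample's trace), the script below runs such rules over a constructed trace in an assumed "<pid> <api> key=value ..." format: a dropped file later executed, a self-delete of the assumed sample path SELF_PATH, a write to a Run key, a read of HKLM\SYSTEM\MountedDevices, and the CREATE_SUSPENDED -> WriteProcessMemory -> SetThreadContext chain that underlies "Suspicious use of SetThreadContext".

```python
"""Rule-style checks over a sandbox API trace, mirroring several behavioural
signatures from the report. Added example; the event format, SELF_PATH and the
trace are constructed, not Triage's output for this sample."""
import re

SELF_PATH = r"C:\Users\Public\dropper.exe"   # assumed location of the sample

# Constructed trace. Arguments contain no spaces, so whitespace splitting is safe.
TRACE = r"""
1000 CreateFileW path=C:\Users\Public\up.exe access=write
1000 CreateProcessW path=C:\Users\Public\up.exe flags=0x0 newpid=1100
1000 CreateProcessW path=C:\Windows\System32\svchost.exe flags=0x4 newpid=1200
1000 WriteProcessMemory target=1200 addr=0x400000 size=0x32000
1000 SetThreadContext target=1200 eip=0x40a0b0
1000 ResumeThread target=1200
1000 RegSetValueExW key=HKCU\Software\Microsoft\Windows\CurrentVersion\Run name=updater data=C:\Users\Public\up.exe
1000 RegQueryValueExW key=HKLM\SYSTEM\MountedDevices name=\DosDevices\D:
1000 DeleteFileW path=C:\Users\Public\dropper.exe
""".strip()

CREATE_SUSPENDED = 0x4
RUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once)?$", re.IGNORECASE)


def parse(trace):
    """Yield (pid, api, args) from the line-oriented trace."""
    for line in trace.splitlines():
        if not line.strip():
            continue
        pid, api, *rest = line.split()
        yield int(pid), api, dict(kv.split("=", 1) for kv in rest)


def detect(trace, self_path=SELF_PATH):
    """Return the set of signature names triggered by the trace."""
    hits = set()
    dropped = set()    # paths the process wrote to disk
    suspended = set()  # child pids created with CREATE_SUSPENDED
    written = set()    # suspended children that received WriteProcessMemory
    for pid, api, a in parse(trace):
        if api.startswith("CreateFile") and a.get("access") == "write":
            dropped.add(a["path"].lower())
        elif api.startswith("CreateProcess"):
            if a["path"].lower() in dropped:
                hits.add("executes_dropped_exe")
            if int(a.get("flags", "0"), 16) & CREATE_SUSPENDED:
                suspended.add(int(a["newpid"]))
        elif api == "WriteProcessMemory" and int(a["target"]) in suspended:
            written.add(int(a["target"]))
        elif api == "SetThreadContext" and int(a["target"]) in written:
            # Redirecting a suspended child's thread after writing into it is
            # the classic process-hollowing sequence; a lone SetThreadContext
            # (debuggers, some runtimes) does not trigger this rule.
            hits.add("suspicious_setthreadcontext")
        elif api.startswith("RegSetValueEx") and RUN_KEY.search(a["key"]):
            hits.add("run_key_persistence")
        elif api.startswith("RegQueryValueEx") and "mounteddevices" in a["key"].lower():
            hits.add("maps_connected_drives")
        elif api.startswith("DeleteFile") and a["path"].lower() == self_path.lower():
            hits.add("deletes_itself")
    return hits


if __name__ == "__main__":
    for name in sorted(detect(TRACE)):
        print(name)
```

The ordering constraints are what keep the SetThreadContext rule useful: the child must have been created suspended and written to before the context change counts, otherwise ordinary debugger or runtime activity would fire the same signature.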