Overview

overview

10

Static

static

8

ed167a220b...dc.exe

windows7-x64

10

ed167a220b...dc.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ed167a220bd01dc112b7ca5132cf23f47d5cde1cfd373f72a73c460a6225f0dc

  • Size

    100KB

  • Sample

    221203-m6zw2ahc8w

  • MD5

    8b786350f897f55f5c7abc75778edaaf

  • SHA1

    12dcad029fb21422ed376aaf16b7fb6875f87d9a

  • SHA256

    ed167a220bd01dc112b7ca5132cf23f47d5cde1cfd373f72a73c460a6225f0dc

  • SHA512

    6b697bf185140c3f847581d8ace4189b8f8dddef3a65effe81cd315ee4adc231d2af1c147ff5381711e40899bff66fcf8d13a5079d9f937e28946f88ba3d4afb

  • SSDEEP

    1536:SdTUP2Md8gf+CUGToGRWFa3UJ5ZA+SltQLK2YxCxGy1PM2LA+HuGFs2pb2Lgnl:S9U88NdoGRolSlR2siGy9eiZnl

Score
10/10
persistenceupx

Malware Config

Targets

    • Target

      ed167a220bd01dc112b7ca5132cf23f47d5cde1cfd373f72a73c460a6225f0dc

    • Size

      100KB

    • MD5

      8b786350f897f55f5c7abc75778edaaf

    • SHA1

      12dcad029fb21422ed376aaf16b7fb6875f87d9a

    • SHA256

      ed167a220bd01dc112b7ca5132cf23f47d5cde1cfd373f72a73c460a6225f0dc

    • SHA512

      6b697bf185140c3f847581d8ace4189b8f8dddef3a65effe81cd315ee4adc231d2af1c147ff5381711e40899bff66fcf8d13a5079d9f937e28946f88ba3d4afb

    • SSDEEP

      1536:SdTUP2Md8gf+CUGToGRWFa3UJ5ZA+SltQLK2YxCxGy1PM2LA+HuGFs2pb2Lgnl:S9U88NdoGRolSlR2siGy9eiZnl

    Score
    10/10
    persistenceupx

    • Modifies WinLogon for persistence

      persistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks