Overview

overview

8

Static

static

aa241d3add...37.exe

windows7-x64

8

aa241d3add...37.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    aa241d3add2d3125f76de3e6f9ee3720659b7d95652fd0aac378f6ff30971c37

  • Size

    292KB

  • Sample

    221203-s5z4asdb82

  • MD5

    ade1ab8b6df9f1f68378674f21f23f4f

  • SHA1

    2ef6e0565b8caec6a7df5f914ac8c11ff9928b1c

  • SHA256

    aa241d3add2d3125f76de3e6f9ee3720659b7d95652fd0aac378f6ff30971c37

  • SHA512

    6a4554caab2975264fa3a9fe017def6f626e579a131f69b3f02644b798adaa3d5727d2b833186a8b2c4926190124959f974dac89bccc3069bf80203d94df80b9

  • SSDEEP

    6144:MGMY/fdza7TOkVHD3brDHGCZVhrni9iaoAS3bFyoMVGwpLgc0mQfDA7:MGLA7TOkVj3brDHz35igao74ozwpF0lQ

Score
8/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      aa241d3add2d3125f76de3e6f9ee3720659b7d95652fd0aac378f6ff30971c37

    • Size

      292KB

    • MD5

      ade1ab8b6df9f1f68378674f21f23f4f

    • SHA1

      2ef6e0565b8caec6a7df5f914ac8c11ff9928b1c

    • SHA256

      aa241d3add2d3125f76de3e6f9ee3720659b7d95652fd0aac378f6ff30971c37

    • SHA512

      6a4554caab2975264fa3a9fe017def6f626e579a131f69b3f02644b798adaa3d5727d2b833186a8b2c4926190124959f974dac89bccc3069bf80203d94df80b9

    • SSDEEP

      6144:MGMY/fdza7TOkVHD3brDHGCZVhrni9iaoAS3bFyoMVGwpLgc0mQfDA7:MGLA7TOkVj3brDHz35igao74ozwpF0lQ

    Score
    8/10
    evasionpersistenceupx

    • Disables Task Manager via registry modification

      evasion

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks