Overview

overview

8

Static

static

b63a29540c...18.exe

windows7-x64

8

b63a29540c...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b63a29540c3cba963e4057596922da3bfa51f0c92ec5c19933dc6311bfa43718

  • Size

    350KB

  • Sample

    221203-v97eaaeg8x

  • MD5

    bbba542cba33b38ffb300aac2fe61823

  • SHA1

    2bb6440657df1c38afd0232ea4aae18d30b6cd30

  • SHA256

    b63a29540c3cba963e4057596922da3bfa51f0c92ec5c19933dc6311bfa43718

  • SHA512

    71567fbd48ea7df509cff2bbd82604a5bc59a398f2703f17a4d7e5c8cf154a337f139b8caf81879756ab476a92a8912880fcd67b98305ec928a8871b9dd8bc71

  • SSDEEP

    6144:U93TqoJBRlo1Kiu/rJyROtkTz0hBpKwzOrI3WBKof6YQymqqyRu1j1F9D5:UFlnRq1BCBtcz0bpKs6IGAoQsuvXN

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      b63a29540c3cba963e4057596922da3bfa51f0c92ec5c19933dc6311bfa43718

    • Size

      350KB

    • MD5

      bbba542cba33b38ffb300aac2fe61823

    • SHA1

      2bb6440657df1c38afd0232ea4aae18d30b6cd30

    • SHA256

      b63a29540c3cba963e4057596922da3bfa51f0c92ec5c19933dc6311bfa43718

    • SHA512

      71567fbd48ea7df509cff2bbd82604a5bc59a398f2703f17a4d7e5c8cf154a337f139b8caf81879756ab476a92a8912880fcd67b98305ec928a8871b9dd8bc71

    • SSDEEP

      6144:U93TqoJBRlo1Kiu/rJyROtkTz0hBpKwzOrI3WBKof6YQymqqyRu1j1F9D5:UFlnRq1BCBtcz0bpKs6IGAoQsuvXN

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • Modifies Installed Components in the registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks