General

  • Target: c9cb36c41bebae790540f95d4afd50a73d24e5f10929c397b60ddec8456b7162
  • Size: 869KB
  • Sample: 221203-vymwhaad79
  • MD5: f66a41ba9c64229712c999f68874ff83
  • SHA1: 9d357ecfb87205bef0b7b8a92f54538ef5fbff67
  • SHA256: c9cb36c41bebae790540f95d4afd50a73d24e5f10929c397b60ddec8456b7162
  • SHA512: b97468ebcc536b9c24d4db4fd0747fae7aa8dbc571a5ddb9df80abbf1e0f8bcac916b4ea5737299f42f3870802867f1fbf15d9640b02f1a5740131d1362e1272
  • SSDEEP: 3072:wpe9FXOGoqa74l4Hx3UVGTTGDyxN2eho55aZMXi1+WiXooJKkQa1g6rt/pd1GQpP:w83e1Dubhz1LOh3FVvQ+yC

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6
