Overview

overview

8

Static

static

a9d0803373...10.exe

windows7-x64

8

a9d0803373...10.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    a9d08033730a9e775187585872529cef0555e2933881e3d524f4c9cfa08f3410

  • Size

    375KB

  • Sample

    221203-waeewseh2v

  • MD5

    cef0f2fa7470b72e11f3f50607ccf2f7

  • SHA1

    22eced7bf5fd608f3f174e5d2bc608865efe633d

  • SHA256

    a9d08033730a9e775187585872529cef0555e2933881e3d524f4c9cfa08f3410

  • SHA512

    06a295b3a3740583be2559112b7f9d5f52dd64543e7cabf3c2b17804d24e5c0e7a6ce8cb731d967f24accaa8c68f1262c0d138ed79e1899c1dd2f8a941f06955

  • SSDEEP

    6144:E93TqoTetsvlJ4DGBdu2YpJ3qOe4yufYspgrGQVUAt5OCHmQRGRCnpG/:EFlT88z4yBU/3qO5yx1rGrAt5OCHjgCg

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      a9d08033730a9e775187585872529cef0555e2933881e3d524f4c9cfa08f3410

    • Size

      375KB

    • MD5

      cef0f2fa7470b72e11f3f50607ccf2f7

    • SHA1

      22eced7bf5fd608f3f174e5d2bc608865efe633d

    • SHA256

      a9d08033730a9e775187585872529cef0555e2933881e3d524f4c9cfa08f3410

    • SHA512

      06a295b3a3740583be2559112b7f9d5f52dd64543e7cabf3c2b17804d24e5c0e7a6ce8cb731d967f24accaa8c68f1262c0d138ed79e1899c1dd2f8a941f06955

    • SSDEEP

      6144:E93TqoTetsvlJ4DGBdu2YpJ3qOe4yufYspgrGQVUAt5OCHmQRGRCnpG/:EFlT88z4yBU/3qO5yx1rGrAt5OCHjgCg

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • Modifies Installed Components in the registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks