General

  • Target

    d9f26900e351b73f5f57225e5eccdf7bd8ed7f210b61de8a416b5d8d0052faa6

  • Size

    61KB

  • Sample

    221203-xdq4jaad6z

  • MD5

    941e96b5f6db841bb09820e34fa125a6

  • SHA1

    51cc9982be65209c15f7e0d53bc90bc93b383091

  • SHA256

    d9f26900e351b73f5f57225e5eccdf7bd8ed7f210b61de8a416b5d8d0052faa6

  • SHA512

    d3354a636627cd98546e68e9af93c972d0f78fa4ce72c6dc369c68ee6ea33d133e58f0ee5f123e6062fdedd0f5dfd3db26cd6ed1cf9d4030d66e57609f24cda3

  • SSDEEP

    1536:2UmWS43qlQOaoXTzwYt62MpE/223a2BKP:U4Svzt62MMqjP

Score
9/10

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Nirsoft

    • Executes dropped EXE

    • Sets DLL path for service in the registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Deletes itself

    • Loads dropped DLL

    • Drops file in System32 directory
