Overview

overview

10

Static

static

1546b36e98...70.exe

windows7-x64

10

1546b36e98...70.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    1546b36e987b73fc65accc5b0c1c885224bd4a6d97f2d0a7ae41e079dfe9b770

  • Size

    57KB

  • Sample

    221205-s8y1eade43

  • MD5

    35e31932ceaac4665ae78504c51bc193

  • SHA1

    58ff7642da3251bfaecdd21b590a3a727481a314

  • SHA256

    1546b36e987b73fc65accc5b0c1c885224bd4a6d97f2d0a7ae41e079dfe9b770

  • SHA512

    1cb3eda27a34a49f7af8f6fedd8aaf42a5483b61ded9901d87c2137b47db6aff2cc2493e4bc5b910612f9ce6b18ddd5e7a39d49fc6dc764421f726143dc412d3

  • SSDEEP

    768:G+w2ABUMRfepD7H3az61T818/gy0ScBJX5vXQkdAlaf57vvJYlpUxbaSz:GuZj3aSV/rcPlBdAa7vqlpUxba

Score
10/10
persistenceupx

Malware Config

Targets

    • Target

      1546b36e987b73fc65accc5b0c1c885224bd4a6d97f2d0a7ae41e079dfe9b770

    • Size

      57KB

    • MD5

      35e31932ceaac4665ae78504c51bc193

    • SHA1

      58ff7642da3251bfaecdd21b590a3a727481a314

    • SHA256

      1546b36e987b73fc65accc5b0c1c885224bd4a6d97f2d0a7ae41e079dfe9b770

    • SHA512

      1cb3eda27a34a49f7af8f6fedd8aaf42a5483b61ded9901d87c2137b47db6aff2cc2493e4bc5b910612f9ce6b18ddd5e7a39d49fc6dc764421f726143dc412d3

    • SSDEEP

      768:G+w2ABUMRfepD7H3az61T818/gy0ScBJX5vXQkdAlaf57vvJYlpUxbaSz:GuZj3aSV/rcPlBdAa7vqlpUxba

    Score
    10/10
    persistenceupx

    • Modifies WinLogon for persistence

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks