Overview

overview

10

Static

static

8

e35d7ba1a5...43.exe

windows7-x64

10

e35d7ba1a5...43.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    e35d7ba1a5027c89c357e18304ff88d4f2c8d548b8711fa1107118b1deee8143

  • Size

    341KB

  • Sample

    221205-w1tbqsgg3v

  • MD5

    09dfb451463f58ca7de4535a5156c470

  • SHA1

    d899b724a6e0813c52a4b52c78016152e828e245

  • SHA256

    e35d7ba1a5027c89c357e18304ff88d4f2c8d548b8711fa1107118b1deee8143

  • SHA512

    59cb4e34ba039980d925438aaac0d8ec06db26c4a8cd5f55dc2a4b4a4c0616582088ac5540683ceffe6bb0e650ebeb6a9a8bb8e3c0ff881498a711f00af970f6

  • SSDEEP

    6144:M36i6htdvIydnCseroPQKvU9wPhFOXQsZrPTeoHm0HhDtdT22CpuvNJSE7V1XDhj:y6/DdQHroPTAwpwXQsBPTeoG0HhDtdCq

Score
10/10
persistenceupx

Malware Config

Targets

    • Target

      e35d7ba1a5027c89c357e18304ff88d4f2c8d548b8711fa1107118b1deee8143

    • Size

      341KB

    • MD5

      09dfb451463f58ca7de4535a5156c470

    • SHA1

      d899b724a6e0813c52a4b52c78016152e828e245

    • SHA256

      e35d7ba1a5027c89c357e18304ff88d4f2c8d548b8711fa1107118b1deee8143

    • SHA512

      59cb4e34ba039980d925438aaac0d8ec06db26c4a8cd5f55dc2a4b4a4c0616582088ac5540683ceffe6bb0e650ebeb6a9a8bb8e3c0ff881498a711f00af970f6

    • SSDEEP

      6144:M36i6htdvIydnCseroPQKvU9wPhFOXQsZrPTeoHm0HhDtdT22CpuvNJSE7V1XDhj:y6/DdQHroPTAwpwXQsBPTeoG0HhDtdCq

    Score
    10/10
    persistenceupx

    • Modifies WinLogon for persistence

      persistence

    • Adds policy Run key to start application

      persistence

    • Executes dropped EXE

    • Modifies Installed Components in the registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Deletes itself

    • Loads dropped DLL

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks