Overview

overview

8

Static

static

8

fcd8096f60...17.exe

windows7-x64

8

fcd8096f60...17.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    fcd8096f60bf90e6db2b95d36d58cf5baf559a83c5ba373c2680c0d48f7d1817

  • Size

    1.1MB

  • Sample

    221206-29n19sdc75

  • MD5

    653b70e03805502fa93f10fe76708042

  • SHA1

    0c3535e420f7fb1d955571058242760fe4a195dd

  • SHA256

    fcd8096f60bf90e6db2b95d36d58cf5baf559a83c5ba373c2680c0d48f7d1817

  • SHA512

    07de3913528841aa159db0fbd8d3ecdf2fb929135929653637ea9b07ecb8731922fd1cdafb2802cfbc0a2218a9a6aeb19c5a37d5c1d23d5561407a6f8effa1ca

  • SSDEEP

    12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27QitjlJ:r5sJo6YrFUiyAak11LtjlJ

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      fcd8096f60bf90e6db2b95d36d58cf5baf559a83c5ba373c2680c0d48f7d1817

    • Size

      1.1MB

    • MD5

      653b70e03805502fa93f10fe76708042

    • SHA1

      0c3535e420f7fb1d955571058242760fe4a195dd

    • SHA256

      fcd8096f60bf90e6db2b95d36d58cf5baf559a83c5ba373c2680c0d48f7d1817

    • SHA512

      07de3913528841aa159db0fbd8d3ecdf2fb929135929653637ea9b07ecb8731922fd1cdafb2802cfbc0a2218a9a6aeb19c5a37d5c1d23d5561407a6f8effa1ca

    • SSDEEP

      12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27QitjlJ:r5sJo6YrFUiyAak11LtjlJ

    Score
    8/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks