Overview

overview

8

Static

static

FunInstall...03.exe

windows10-1703-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    FunInstaller_PS_0107003.exe

  • Size

    3.9MB

  • Sample

    230201-j5l21aed2v

  • MD5

    3d88c7f0992f6b65cf58d32dd71e87be

  • SHA1

    a80d4810f4b3c178ebc1c76af71a4750bd8681f2

  • SHA256

    2f75d7fed921e334bbd89bb6b4c3cc4cc9a161c0e68034c699e2485119b625a9

  • SHA512

    dbd5e3eec51b1191415935067090d6fa5ff918d3b57381b4779451a5a3c1f787ef522043525373816febc374495354a020a41447d5a265acd622cecf7452fb8b

  • SSDEEP

    98304:pUimMzoUqshxlF15+mGL3fvnNhpd2NgraW+QOgAL5OFTxc:SMo9exl552fvNHAKmW+Unxc

Score
8/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      FunInstaller_PS_0107003.exe

    • Size

      3.9MB

    • MD5

      3d88c7f0992f6b65cf58d32dd71e87be

    • SHA1

      a80d4810f4b3c178ebc1c76af71a4750bd8681f2

    • SHA256

      2f75d7fed921e334bbd89bb6b4c3cc4cc9a161c0e68034c699e2485119b625a9

    • SHA512

      dbd5e3eec51b1191415935067090d6fa5ff918d3b57381b4779451a5a3c1f787ef522043525373816febc374495354a020a41447d5a265acd622cecf7452fb8b

    • SSDEEP

      98304:pUimMzoUqshxlF15+mGL3fvnNhpd2NgraW+QOgAL5OFTxc:SMo9exl552fvNHAKmW+Unxc

    Score
    8/10
    discoverypersistenceupx

    • Registers COM server for autorun

      persistence

    • Sets DLL path for service in the registry

      persistence

    • Sets service image path in registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks