Resubmissions

11/02/2023, 11:31

230211-nm7cfaaa6w 7

11/02/2023, 11:24

230211-nhw1xaag53 7

General

  • Target

    processo1631454.rar

  • Size

    21.3MB

  • Sample

    230211-nhw1xaag53

  • MD5

    a9c88704c9aa74f7e1d5e886da6837ba

  • SHA1

    164812b2a8bec0fada35486b1d8634a8e37d53da

  • SHA256

    f221344c4c30b335a2236f09fbbdd1c14fb1ab9a742fe3aee9fd1f6e4cd0a62f

  • SHA512

    b0dea37f335b70f48286eb88545857b50e97234df2591ffd74e2bd78e51c252a59d00771f36f1ad2a7ba17dfbb6634bb6426dcc27d6d3e86f79aaa9587bd0443

  • SSDEEP

    393216:j8jBMljz2nYIyrZEKZklKCelkeZtpBZPfToD4xQcNyHXW1WXp1x5gD3gR8A:j8jBMl2nYnrGoGaBZ1ZProUQCyHXW1W3

Score
7/10

Malware Config

Targets

    • Target

      Processo 10-02-2023 ogwq.msi

    • Size

      44.7MB

    • MD5

      a04ba334b40e4c96f84d5dac04a707d8

    • SHA1

      1907073e47613b7ab7ed7fb5c7f549c4bdb25a1c

    • SHA256

      a1eeb30e8fa2e689737afb5a4556e14b4ee0e6405837a2d0b03391eecb5f09f6

    • SHA512

      b0dd66b4fce6870ea22905b1b246fc6f2f85c47e774b98716b92a58d1f6cf4ea4de77f0595db4d4fcf01b92f6b879938ba772fb910cbce397d16bbdc3389295f

    • SSDEEP

      786432:TfgoDvwu7MpTmGXKq9QVgglClybzPnrQs6AStU:TooDwuopTmGL9OgNyENAT

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
