Overview

overview

8

Static

static

3

d028434c39...99.exe

windows7-x64

8

d028434c39...99.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    d028434c39a818194b08818e8279e022fe39d1d353c9f04c93e3d0d670124499

  • Size

    1.2MB

  • Sample

    230804-jepp7sbb5v

  • MD5

    db695717b1c68007abf48df8c958b8bc

  • SHA1

    3113fa00189aeae00e372468fe04947e1469c229

  • SHA256

    d028434c39a818194b08818e8279e022fe39d1d353c9f04c93e3d0d670124499

  • SHA512

    493c9688e356bbe7abfbe40f5739b292014837373203ae10951d26e30de4575e305961c8062956362bbbdc078056d48add0c83f7bf3a6aa13525ab2446d74074

  • SSDEEP

    24576:K/gFLmSuAlQX5sGm/lHjaf7/LRLW0muhKbywIa0n5qQdgcR0JcOtz:KYLmglyGps7/L8zuhpvn5dh2Jftz

Score
8/10
aspackv2evasionupx

Malware Config

Targets

    • Target

      d028434c39a818194b08818e8279e022fe39d1d353c9f04c93e3d0d670124499

    • Size

      1.2MB

    • MD5

      db695717b1c68007abf48df8c958b8bc

    • SHA1

      3113fa00189aeae00e372468fe04947e1469c229

    • SHA256

      d028434c39a818194b08818e8279e022fe39d1d353c9f04c93e3d0d670124499

    • SHA512

      493c9688e356bbe7abfbe40f5739b292014837373203ae10951d26e30de4575e305961c8062956362bbbdc078056d48add0c83f7bf3a6aa13525ab2446d74074

    • SSDEEP

      24576:K/gFLmSuAlQX5sGm/lHjaf7/LRLW0muhKbywIa0n5qQdgcR0JcOtz:KYLmglyGps7/L8zuhpvn5dh2Jftz

    Score
    8/10
    aspackv2evasionupx

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks