General

  • Target

    18c5f914019b47d736d9544251f313d4b4226bcff3fd323eaf1d916410294982

  • Size

    536KB

  • Sample

    230822-wx8bgsfg8w

  • MD5

    010c5bc6b16604789a86f5e545ff568d

  • SHA1

    d6b726e6e8588d33fcd14001089861784587ab84

  • SHA256

    18c5f914019b47d736d9544251f313d4b4226bcff3fd323eaf1d916410294982

  • SHA512

    2490ce73b696f682211e9bc4ff53fa97582bb5790cbd534d0fcfe4d0a3e6fc1ab3221e78103ecbfe5f5e2b6572392a2bd43977ac181c7f78306322482e1c969d

  • SSDEEP

    12288:COreCbJ6z1GZnCbPLwY5ZhUXy4Okx2LIa:+CKTYrOkx2LF

Score
8/10
upx

Malware Config

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks