General

  • Target

    ad3f522829029ddeb896d7f6c92132ca6c0715bebd815a69c22cc48c1e187cc2

  • Size

    274KB

  • Sample

    230824-akktrsgg67

  • MD5

    9f8568844cdfa628bf47df040bc43326

  • SHA1

    9136b4c3d52e17cfc9f77a4624fe59fe29a6e01f

  • SHA256

    ad3f522829029ddeb896d7f6c92132ca6c0715bebd815a69c22cc48c1e187cc2

  • SHA512

    0a2315e258431ab1d289e609b955a1736a45d591743a092a0efd087de39b851c1b6713b93cd7b3da2c8ad307a75a09f6a622552878b50937e9d5cf0d75db84dc

  • SSDEEP

    6144:xbTirrfykiiUjh6QH/cEOkCybEaQRXr9HNdvOa:xPcrfR6ZnOkx2LIa

Score
8/10

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Drops file in System32 directory
