General

  • Target

    FinalPatchFix.exe

  • Size

    24.0MB

  • Sample

    230911-hlj8maec85

  • MD5

    6f065099e41c7c15be2eb53774472e70

  • SHA1

    d21ae8afde241e96ac8c3ac479804bdddf9b1ca8

  • SHA256

    e1a0995ab2386ab409193051f126be474ed0d64544d7af50ba16c3e4f0d004f0

  • SHA512

    9a2cc5a4811bbe07ea106d4cdc7b1cec3294fbb4c1a7ca9b4e1e1435b7e880ec82a8e5b0c44900b2ff7e3d0c2644c314e679859fc8d860c6f841781d4a0990d6

  • SSDEEP

    393216:fLFldnJWQnbF56sybTlR4Bji1g3S1bogOqZHU8g26YXu1zQCmdjdC:fDdEQh5IlR41iyWUkHUVWdvE

Targets

    • Target

      FinalPatchFix.exe

    Score
    9/10
    • Enumerates VirtualBox DLL files

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2
