Overview

overview

10

Static

static

10

source_prepared.exe

windows7-x64

7

source_prepared.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    source_prepared.exe

  • Size

    76.4MB

  • Sample

    231023-nh9l1aga9x

  • MD5

    a4dd895d634c5d704400536e4559b377

  • SHA1

    5ffb8997102ffa5c55b5945d5de25eb7eb005cfd

  • SHA256

    83b6c0c1221b21512560a88b5fff6a08acd8886410a4b05f72e1278def90068a

  • SHA512

    cdde53662de75274327c3f320f6054c88abd22e8008111933697a635fb5d6c79abc14cf09e4ee77d6ab470931401f6e13e8f6a1f1494c2e0095a4fca1f636383

  • SSDEEP

    1572864:G2MTiQYHRLpqSk8IpG7V+VPhq2+OME7D5+HpuWlXxTa9k4VPIOWBaUbBpIUTD:GZTixx4SkB05aw2+OpIJ93Ty9VPVOaUZ

Score
10/10
pysilonpersistencepyinstallerupx

Malware Config

Targets

    • Target

      source_prepared.exe

    • Size

      76.4MB

    • MD5

      a4dd895d634c5d704400536e4559b377

    • SHA1

      5ffb8997102ffa5c55b5945d5de25eb7eb005cfd

    • SHA256

      83b6c0c1221b21512560a88b5fff6a08acd8886410a4b05f72e1278def90068a

    • SHA512

      cdde53662de75274327c3f320f6054c88abd22e8008111933697a635fb5d6c79abc14cf09e4ee77d6ab470931401f6e13e8f6a1f1494c2e0095a4fca1f636383

    • SSDEEP

      1572864:G2MTiQYHRLpqSk8IpG7V+VPhq2+OME7D5+HpuWlXxTa9k4VPIOWBaUbBpIUTD:GZTixx4SkB05aw2+OpIJ93Ty9VPVOaUZ

    Score
    9/10
    upxpersistence

    • Enumerates VirtualBox DLL files

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks