General

  • Target

    NEAS.17a9a0c702531c81663c13176216b7a0_JC.cab

  • Size

    2.8MB

  • Sample

    231104-lxrnmafb6t

  • MD5

    17a9a0c702531c81663c13176216b7a0

  • SHA1

    224e5d7c48c46ffa939481ec66e1ac61297c2241

  • SHA256

    a26ca3fd670d10133d9c588a40de9baac0713f872393a2b776331349601a6f60

  • SHA512

    c2d03e2d4f15eac0b67a139efd709c181ee69da90d7c0240d772fcc588b67c9d2a64a70c59e177a012a19cb0608262fd12ff1645a136218f82836a413dce9428

  • SSDEEP

    49152:A1uIHzItIGOHUhsdimb4aDKnES6fG/UEHcKCZXpnZD50pdOzPVTANKLcU5mpfg5:auITG2WYrJoL/UscHnZ9zVTAsI45

Score
8/10
upx

Targets

    • Target

      libcef.dll

    • Size

      2.9MB

    • MD5

      1522c8277ace7328d12f01d0c055cf0f

    • SHA1

      a579a5506e06f1d9c13ea389e2584c185b204057

    • SHA256

      1ef20d1e5fc94caea9f4435d0ae75ddaf87b0556a991a73e8650506f8293e90a

    • SHA512

      bd914ff9097d661416c8b8ec9427c6fc4375ca5bcbb88af95ee347621be515312c41b5fc83fdd18ad597dafc9bfaead26ef2df0c5108e4c87f5a39431c4437e9

    • SSDEEP

      49152:2PnI39BqOi3W9EmVyO92A+/OFqkevtU5yRtKdNjGRVG83idF+8gGiQWPMGp6IZCS:2AtBqgEmA02AawqkelmyXCN6Rd3idF+X

    Score
    8/10
    • Blocklisted process makes network request

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      svchost.exe

    • Size

      264KB

    • MD5

      0a5b0607f6db1e8c9e3d2ca0da5c8d58

    • SHA1

      099a3435eacd5b82f4599203558e802c0a1b3c67

    • SHA256

      a7b2b51c542c883cac36465555dbd027be01e9dd5757b060b6245235181608a7

    • SHA512

      5e4f5e4fba9fe1e037e31cf9961bdc7f07f7eca893562fddadab9eef6b642a455d3ac4281a6c8d1f4e6f2525a947932cc31067ae5d96f1d3497ba0b8cbaf0560

    • SSDEEP

      3072:B1d6fJBMCTf8xi/twFPcFe6+BIqEMOAEFiZ/GXA/+ycJok2XnbuWeL:rdaB38xi2FPd8HMOnFiZ/GaXjqL

    Score
    7/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
