General

  • Target

    6120ce2dedfd1ec8d0c0a09dcc9b6365cf33a3e98eb0698598e0e96054c3a025

  • Size

    440KB

  • Sample

    231116-d891cafd72

  • MD5

    2edfd2355a6cd47127e2c968ddfdb3b8

  • SHA1

    582176c88af3cac67d347fb38daddad1c81e7c13

  • SHA256

    6120ce2dedfd1ec8d0c0a09dcc9b6365cf33a3e98eb0698598e0e96054c3a025

  • SHA512

    4d15964e54c4306d4d602a4274b5463c3ae17f5eff35d7a499965e5e21d253d998183ea040f93b1d18b60a8f46e5576a21b5aad8c08bcf50a6bff35cca15d9cb

  • SSDEEP

    12288:2/J+CtaxnjZpAbxdxDcWcnR4bfXfwiSeiw8xxSjS8NO0qwxeWfF02/S0lqJqcZQi:+el3z0DvfeUYqcZQCGm4YprEH7q

Score
8/10

Targets

    • Target

      6120ce2dedfd1ec8d0c0a09dcc9b6365cf33a3e98eb0698598e0e96054c3a025

    Score
    8/10
    • Modifies AppInit DLL entries

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
