General

  • Target

    source_prepared.exe

  • Size

    72.2MB

  • Sample

    231119-bpkv1agc85

  • MD5

    4c86b394b5c33af5bc3566c7e41e4c2b

  • SHA1

    baa0e7d44221e48c017340f05db9f3b0dda833c9

  • SHA256

    7d7d1590c9fd7d38f6686df2c96060953ce3aca51865a91522952cc5d8172165

  • SHA512

    4298a69ff1474e58f7642a5fea7767cbdc535a6b83f724cb87842c455d0140479611f7681094987eb44eca7ed8f8296912af7cd8397234684204db11bbeedd3f

  • SSDEEP

    1572864:T2MRMQpjSkSk8IpG7V+VPhqILE7ARjRnWWWpyppiZzI+hReSWJWrZO37AYv:TZRMq+kSkB05awIRRdleg2zdESGc6A2

Targets

    Score
    9/10
    • Enumerates VirtualBox DLL files

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2
