Overview

overview

10

Static

static

10

source_prepared.exe

windows11-21h2-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    source_prepared.exe

  • Size

    80.5MB

  • Sample

    231224-m3jqmseah3

  • MD5

    a6e3c57624210b7f0e69eb76538f4ed8

  • SHA1

    d5774ef3cdd2f9c8cfa403024e43a67acd286681

  • SHA256

    ec0679604997c272911e2979887489f015006e10a59eafea602c8e74d32128d8

  • SHA512

    fcdf9157c8192925ac9f7f92b5f44597d5ce2063e0d811a5c86985caeccb0cd7e03b68caf66a0ad90d265429636ac647afe910b59e4e5bd07092c4225ef83e92

  • SSDEEP

    1572864:ziJR5Q3jq8jSk8IpG7V+VPhqptgWU9tgWLwjCiwnfurijYmfkWh1zWSWD3:zC+/SkB05awYWUsWcuiwnfAijYGkwZDM

Score
10/10
pysilonevasionpersistencepyinstallerupx

Malware Config

Targets

    • Target

      source_prepared.exe

    • Size

      80.5MB

    • MD5

      a6e3c57624210b7f0e69eb76538f4ed8

    • SHA1

      d5774ef3cdd2f9c8cfa403024e43a67acd286681

    • SHA256

      ec0679604997c272911e2979887489f015006e10a59eafea602c8e74d32128d8

    • SHA512

      fcdf9157c8192925ac9f7f92b5f44597d5ce2063e0d811a5c86985caeccb0cd7e03b68caf66a0ad90d265429636ac647afe910b59e4e5bd07092c4225ef83e92

    • SSDEEP

      1572864:ziJR5Q3jq8jSk8IpG7V+VPhqptgWU9tgWLwjCiwnfurijYmfkWh1zWSWD3:zC+/SkB05awYWUsWcuiwnfAijYGkwZDM

    Score
    8/10
    evasionpersistenceupx

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks