Overview

overview

7

Static

static

1

upgrade.exe

windows7-x64

7

upgrade.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    12a74be9c292970d164c1dba96af897f

  • Size

    645KB

  • Sample

    231224-z43lcsecbl

  • MD5

    12a74be9c292970d164c1dba96af897f

  • SHA1

    875f22aa70a69786e492f75b59c1b68ed2ff2d26

  • SHA256

    08a192efac286fc4e6433685a52dc400cfb3d9ca5575ab45a12fd360a5d27225

  • SHA512

    6f3cc7395acca8bc99d283e27be3850278add26f215c653df43a0b94db36f855c09a3eaaf5bfa9f1403f35d6396b467c3bf164bdd97de09085cdd25dbfd2c1dd

  • SSDEEP

    12288:RbHF5xSYwRQANQHptMdy0VHDU+plhFrLSDcuNMoUapA96zWJzL4K:RLF5x7wR7NxHHDjzOcuNMozpXW1

Score
7/10
discovery

Malware Config

Targets

    • Target

      upgrade.exe

    • Size

      654KB

    • MD5

      3f02aa2e93c02301997d6230f6cb3ed4

    • SHA1

      92d57df7e34b5a32f7986c036bcb13f133a6fe31

    • SHA256

      d75a0452f9162130a1dfd06725f70a25bf3214039785ccf3b015a5cf4f3d4e20

    • SHA512

      4ca73799f59c545f66f18a8bb7bbb5477f98fddd0387ef9df6b9e6cc87658c25cc3352ad88693971bcef84cec7608d2e01d51b14ccbf7ef7155f1e7893b88e7b

    • SSDEEP

      12288:MwBGxSJwRQbNQHp8Mdv04MWUDplOLrLS3cfN0oUaxA96gWJzLCt:zBGxkwRONCzMWkkycfN0ozxsWct

    Score
    7/10
    discovery

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks