Overview

overview

10

Static

static

7

00871ea218...1f.exe

windows7-x64

7

00871ea218...1f.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    00871ea218f1cdf8cfaf0e8d2fa3901f

  • Size

    77KB

  • Sample

    231225-c6dzfscbgr

  • MD5

    00871ea218f1cdf8cfaf0e8d2fa3901f

  • SHA1

    b18c7f0a2ac614345f8fc7e347e31e8fba6e9a36

  • SHA256

    7153ce847b0d4281ef80a3d928c064cf013f04da0ea0bdaa7ad928ecafeeb607

  • SHA512

    918e6cd6acd5b1c4c330898d7e9aae3e60c0eb44a0b6ab0333885a1f246e7e7f96ed856e132dfa1452654a34632e4536781a5afd89dca04cf3e9e7c8b0821984

  • SSDEEP

    1536:OZz8vN5bAG2Pooyv3pUjuXw5ANKZKHtjjZ:Ez8F5MG2PS/uj15ANOyp

Score
10/10
persistenceupx

Malware Config

Targets

    • Target

      00871ea218f1cdf8cfaf0e8d2fa3901f

    • Size

      77KB

    • MD5

      00871ea218f1cdf8cfaf0e8d2fa3901f

    • SHA1

      b18c7f0a2ac614345f8fc7e347e31e8fba6e9a36

    • SHA256

      7153ce847b0d4281ef80a3d928c064cf013f04da0ea0bdaa7ad928ecafeeb607

    • SHA512

      918e6cd6acd5b1c4c330898d7e9aae3e60c0eb44a0b6ab0333885a1f246e7e7f96ed856e132dfa1452654a34632e4536781a5afd89dca04cf3e9e7c8b0821984

    • SSDEEP

      1536:OZz8vN5bAG2Pooyv3pUjuXw5ANKZKHtjjZ:Ez8F5MG2PS/uj15ANOyp

    Score
    10/10
    upxpersistence

    • Modifies WinLogon for persistence

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks