Overview

overview

7

Static

static

3

06ab8d4de5...6d.exe

windows7-x64

7

06ab8d4de5...6d.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    06ab8d4de50d9a8cfdd1e939baa3496d

  • Size

    128KB

  • Sample

    231225-fqdkjadcd5

  • MD5

    06ab8d4de50d9a8cfdd1e939baa3496d

  • SHA1

    ca8715049b9a5b519c69f9de4531af83c94d657a

  • SHA256

    e0e554a0510af40ffb04af3f5224b2f3e3d37c1b460df1a3eb7460f3e7965c75

  • SHA512

    e60ccad466b68675b8165684501524822fc067ce33474edf18af99426ad10d6989803795553482d6b8529332869265485381d89e3be9a4449d7a3127f23d29d5

  • SSDEEP

    3072:JCSY7w5vzZwUpX1GOdQ7nu4hEeCZrSJiT8T9g+lx27GwNiujQ5G940qnDOJa7aIN:829

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      06ab8d4de50d9a8cfdd1e939baa3496d

    • Size

      128KB

    • MD5

      06ab8d4de50d9a8cfdd1e939baa3496d

    • SHA1

      ca8715049b9a5b519c69f9de4531af83c94d657a

    • SHA256

      e0e554a0510af40ffb04af3f5224b2f3e3d37c1b460df1a3eb7460f3e7965c75

    • SHA512

      e60ccad466b68675b8165684501524822fc067ce33474edf18af99426ad10d6989803795553482d6b8529332869265485381d89e3be9a4449d7a3127f23d29d5

    • SSDEEP

      3072:JCSY7w5vzZwUpX1GOdQ7nu4hEeCZrSJiT8T9g+lx27GwNiujQ5G940qnDOJa7aIN:829

    Score
    7/10
    persistenceupx

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks