Overview

overview

7

Static

static

3

08be189094...25.exe

windows7-x64

7

08be189094...25.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    08be18909434c8678da1720717f05625

  • Size

    120KB

  • Sample

    231225-gdd6zagehj

  • MD5

    08be18909434c8678da1720717f05625

  • SHA1

    594da69b4adbddf7e850a8b6cbebcab2d8489007

  • SHA256

    8203759ecc16dbf3ce8449eb6708ed7f570541e9aac0594592c4212c9fa1bc34

  • SHA512

    b0df49e9fd97478a4285f0f08ce0e099aab86d11c81749cda3fab644fe441bff3487688422939c9d0212072af681d1e1b55c0e3fbafca328828efac2796754d8

  • SSDEEP

    1536:QIDThSFWEv7NyArVF3qmRIjbPT6XpOPzmsLPtTh0PE:phSFWETNykFaygbipEzLLPRh0M

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      08be18909434c8678da1720717f05625

    • Size

      120KB

    • MD5

      08be18909434c8678da1720717f05625

    • SHA1

      594da69b4adbddf7e850a8b6cbebcab2d8489007

    • SHA256

      8203759ecc16dbf3ce8449eb6708ed7f570541e9aac0594592c4212c9fa1bc34

    • SHA512

      b0df49e9fd97478a4285f0f08ce0e099aab86d11c81749cda3fab644fe441bff3487688422939c9d0212072af681d1e1b55c0e3fbafca328828efac2796754d8

    • SSDEEP

      1536:QIDThSFWEv7NyArVF3qmRIjbPT6XpOPzmsLPtTh0PE:phSFWETNykFaygbipEzLLPRh0M

    Score
    7/10
    persistenceupx

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks