Overview

overview

8

Static

static

3

0dfde1a4c8...ea.exe

windows7-x64

0dfde1a4c8...ea.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0dfde1a4c8f38abc290a7e4ad757edea

  • Size

    1.6MB

  • Sample

    231225-h2qeksagfj

  • MD5

    0dfde1a4c8f38abc290a7e4ad757edea

  • SHA1

    a267435dd6ed2994325bf13f88710e48088b0a31

  • SHA256

    f0062067c120a8f25766476d9155dbfb0a76845a395b24b810bca895b110f735

  • SHA512

    47c479981b786201eaceed43fbb382135c038067eb1495d431ea3ea712f99e2e32dc23cbbfa34b8a47d09b500fc6b817f7d6b4ba01918d2b745a83e353382d07

  • SSDEEP

    49152:YzP7qZDJfRuuDO3AWHGqB8NNOyeDrmQ0w13:YsuIwmvNNE/50w13

Score
8/10
evasionpersistenceupx

Malware Config

Targets

    • Target

      0dfde1a4c8f38abc290a7e4ad757edea

    • Size

      1.6MB

    • MD5

      0dfde1a4c8f38abc290a7e4ad757edea

    • SHA1

      a267435dd6ed2994325bf13f88710e48088b0a31

    • SHA256

      f0062067c120a8f25766476d9155dbfb0a76845a395b24b810bca895b110f735

    • SHA512

      47c479981b786201eaceed43fbb382135c038067eb1495d431ea3ea712f99e2e32dc23cbbfa34b8a47d09b500fc6b817f7d6b4ba01918d2b745a83e353382d07

    • SSDEEP

      49152:YzP7qZDJfRuuDO3AWHGqB8NNOyeDrmQ0w13:YsuIwmvNNE/50w13

    Score
    8/10
    evasionpersistenceupx

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks