Overview

overview

8

Static

static

3

16dbc94fcd...db.exe

windows7-x64

8

16dbc94fcd...db.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    16dbc94fcd4bb3a1c69cd18ebcd23adb

  • Size

    866KB

  • Sample

    231225-medjqadgdn

  • MD5

    16dbc94fcd4bb3a1c69cd18ebcd23adb

  • SHA1

    74461e4c56c6ddbb510ded0d46bc26cd551497ce

  • SHA256

    f006dc1a29493df15efd48db8b32ddb0259299ad904dc1c3710481dbf911df38

  • SHA512

    a915337903330cfddd60d4a142bcf1427fd52e3289f706a63b39205747815fc26c7bdf450fc3c5e1132cf4ba41f0847545290f45f0ae5e1e6d90a1d5209e1870

  • SSDEEP

    12288:AAFDLbi4fhNDwYPcNnyweGPCspQdQKgZmJa1F9IQ/A1BWC:L7i2zJPSjPC+QOKZ81IVL

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      16dbc94fcd4bb3a1c69cd18ebcd23adb

    • Size

      866KB

    • MD5

      16dbc94fcd4bb3a1c69cd18ebcd23adb

    • SHA1

      74461e4c56c6ddbb510ded0d46bc26cd551497ce

    • SHA256

      f006dc1a29493df15efd48db8b32ddb0259299ad904dc1c3710481dbf911df38

    • SHA512

      a915337903330cfddd60d4a142bcf1427fd52e3289f706a63b39205747815fc26c7bdf450fc3c5e1132cf4ba41f0847545290f45f0ae5e1e6d90a1d5209e1870

    • SSDEEP

      12288:AAFDLbi4fhNDwYPcNnyweGPCspQdQKgZmJa1F9IQ/A1BWC:L7i2zJPSjPC+QOKZ81IVL

    Score
    8/10
    persistenceupx

    • Modifies Installed Components in the registry

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks