Overview

overview

9

Static

static

7

178647ac19...82.exe

windows7-x64

9

178647ac19...82.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    178647ac19a1581186e1325abdffc982

  • Size

    54KB

  • Sample

    231225-ml5a1sgbb7

  • MD5

    178647ac19a1581186e1325abdffc982

  • SHA1

    2a3992a97a5d18a64cd5b3361052ea79ac5f0c63

  • SHA256

    7d1d0a762227a7b2befaa0514b286e2655659035002b5df1911da097be27b2ff

  • SHA512

    31e401ed1b8f96489430c7e79a02d3afd2de05c2dc4e190d55175a6ed34cc1ee2479f88855de742de50f828ee5a31f1c1274e8c14fdd9f2c0ec7b7f96050df7f

  • SSDEEP

    768:Dj413nijFMsaAlVX7XJmm2dZCIDzvZzZ+RovesFPeRlLPsJLW8:QRnihMjA3XGjvn+SmWIl7QX

Score
9/10
discoveryevasionupx

Malware Config

Targets

    • Target

      178647ac19a1581186e1325abdffc982

    • Size

      54KB

    • MD5

      178647ac19a1581186e1325abdffc982

    • SHA1

      2a3992a97a5d18a64cd5b3361052ea79ac5f0c63

    • SHA256

      7d1d0a762227a7b2befaa0514b286e2655659035002b5df1911da097be27b2ff

    • SHA512

      31e401ed1b8f96489430c7e79a02d3afd2de05c2dc4e190d55175a6ed34cc1ee2479f88855de742de50f828ee5a31f1c1274e8c14fdd9f2c0ec7b7f96050df7f

    • SSDEEP

      768:Dj413nijFMsaAlVX7XJmm2dZCIDzvZzZ+RovesFPeRlLPsJLW8:QRnihMjA3XGjvn+SmWIl7QX

    Score
    9/10
    discoveryevasionupx

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks