Overview

overview

8

Static

static

7

1df5aa6d20...d1.dll

windows7-x64

8

1df5aa6d20...d1.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1df5aa6d20be24bec6420b756473b8d1

  • Size

    86KB

  • Sample

    231230-1zymaahddq

  • MD5

    1df5aa6d20be24bec6420b756473b8d1

  • SHA1

    bb7807e83d8cbb670b7eb122e5d225a4415f46c7

  • SHA256

    ea6dfc045236f04c890333384b6661f1458beadd9225f8296b5ca0911a2f4c9b

  • SHA512

    4dcf0101b730a276ce7b1fcf373287f1f7a4a68716568596abf031939eb021a894c44d715d82b896bf0534041ede01f07e6ddc5799747164e55e6b80e487692c

  • SSDEEP

    1536:bpg2gCick62WGndL/QoPKrVinbh3aI1jC9drTdOKOKJAGyS3D:Vgb9ckdndLoo+QfmLdOKP2Gyg

Score
8/10
evasionupx

Malware Config

Targets

    • Target

      1df5aa6d20be24bec6420b756473b8d1

    • Size

      86KB

    • MD5

      1df5aa6d20be24bec6420b756473b8d1

    • SHA1

      bb7807e83d8cbb670b7eb122e5d225a4415f46c7

    • SHA256

      ea6dfc045236f04c890333384b6661f1458beadd9225f8296b5ca0911a2f4c9b

    • SHA512

      4dcf0101b730a276ce7b1fcf373287f1f7a4a68716568596abf031939eb021a894c44d715d82b896bf0534041ede01f07e6ddc5799747164e55e6b80e487692c

    • SSDEEP

      1536:bpg2gCick62WGndL/QoPKrVinbh3aI1jC9drTdOKOKJAGyS3D:Vgb9ckdndLoo+QfmLdOKP2Gyg

    Score
    8/10
    evasionupx

    • Blocklisted process makes network request

    • Modifies Windows Firewall

      evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks