Overview

overview

7

Static

static

7

1f61987742...48.exe

windows7-x64

7

1f61987742...48.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    1f61987742e182517c91daf457c3c548

  • Size

    944KB

  • Sample

    231230-222mdsbef7

  • MD5

    1f61987742e182517c91daf457c3c548

  • SHA1

    25c2a86ea6ad232245352a12f4b9262dc3b84ea3

  • SHA256

    8751cec19afe7e8f43e8c68a8a11c6f73c85dcc57062e8aa7c1af1cb8ab327aa

  • SHA512

    57cf3184539f9440c3ce1ba6a439c3af4cada68de46305958fb99a3296c2d7e2d4e12627d9cdc8280e1f286dddd83c255eff4e732c92d624b2514f00784fbcea

  • SSDEEP

    12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27QitjmV:r5sJo6YrFUiyAak11LtjmV

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      1f61987742e182517c91daf457c3c548

    • Size

      944KB

    • MD5

      1f61987742e182517c91daf457c3c548

    • SHA1

      25c2a86ea6ad232245352a12f4b9262dc3b84ea3

    • SHA256

      8751cec19afe7e8f43e8c68a8a11c6f73c85dcc57062e8aa7c1af1cb8ab327aa

    • SHA512

      57cf3184539f9440c3ce1ba6a439c3af4cada68de46305958fb99a3296c2d7e2d4e12627d9cdc8280e1f286dddd83c255eff4e732c92d624b2514f00784fbcea

    • SSDEEP

      12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27QitjmV:r5sJo6YrFUiyAak11LtjmV

    Score
    7/10
    persistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks