Overview

overview

10

Static

static

7

393f2b11be...51.exe

windows7-x64

10

393f2b11be...51.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    393f2b11be68b44eef3a296495d43351

  • Size

    43KB

  • Sample

    231231-rf9qrsddg8

  • MD5

    393f2b11be68b44eef3a296495d43351

  • SHA1

    1f08f6ab5d358f5deabfd2b74591db9f506b4f08

  • SHA256

    d74253c54801dd63e8fc4a4e11dbd4b4322f5b3bbbea23ba9af5a0ec10f322d7

  • SHA512

    1107a74a8b79cd89720574f24174c1fc70b70f813e891e9a00a8b371d14a526c7c62e50141aae794350d7b92c3cb2c783b22607dd3371c3a7774244a74169e16

  • SSDEEP

    768:9IrI3tBKWuJFD4janW7wQe2OWSdqWB779dyR2mSMfK26nbcuyD7Ua:9HZu/JWSMWt9dytKvnouy8

Score
10/10
persistenceupx

Malware Config

Targets

    • Target

      393f2b11be68b44eef3a296495d43351

    • Size

      43KB

    • MD5

      393f2b11be68b44eef3a296495d43351

    • SHA1

      1f08f6ab5d358f5deabfd2b74591db9f506b4f08

    • SHA256

      d74253c54801dd63e8fc4a4e11dbd4b4322f5b3bbbea23ba9af5a0ec10f322d7

    • SHA512

      1107a74a8b79cd89720574f24174c1fc70b70f813e891e9a00a8b371d14a526c7c62e50141aae794350d7b92c3cb2c783b22607dd3371c3a7774244a74169e16

    • SSDEEP

      768:9IrI3tBKWuJFD4janW7wQe2OWSdqWB779dyR2mSMfK26nbcuyD7Ua:9HZu/JWSMWt9dytKvnouy8

    Score
    10/10
    persistenceupx

    • Modifies WinLogon for persistence

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Winlogon Helper DLL

1
T1547.004

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Winlogon Helper DLL

1
T1547.004

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks