Overview

overview

8

Static

static

1

1f25d1d912...00.exe

windows7-x64

8

1f25d1d912...00.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1f25d1d91271da0a1eaad2fe97fa233da0bba5799312c6bbf5aca701a07b8e00

  • Size

    286KB

  • Sample

    240107-qaattahab8

  • MD5

    4c8efd45abeda96baff96c19441ecc0d

  • SHA1

    4aa331c54760f0cf30533840c95450152d85123e

  • SHA256

    1f25d1d91271da0a1eaad2fe97fa233da0bba5799312c6bbf5aca701a07b8e00

  • SHA512

    4701734184746a7e75c80a08f489ad9f581b24fd4b78eb609e26a57254ff38ef3238bdb3e9d6d3a1341db44d584515d4c22f835ede8648968e5acdae6ecd5e74

  • SSDEEP

    6144:YpNkhSR/5kHouyXnZhB+h8WHxBV+UdvrEFp7hK+s:YpNkhm/JuyXnPB+h8WHxBjvrEH7Vs

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      1f25d1d91271da0a1eaad2fe97fa233da0bba5799312c6bbf5aca701a07b8e00

    • Size

      286KB

    • MD5

      4c8efd45abeda96baff96c19441ecc0d

    • SHA1

      4aa331c54760f0cf30533840c95450152d85123e

    • SHA256

      1f25d1d91271da0a1eaad2fe97fa233da0bba5799312c6bbf5aca701a07b8e00

    • SHA512

      4701734184746a7e75c80a08f489ad9f581b24fd4b78eb609e26a57254ff38ef3238bdb3e9d6d3a1341db44d584515d4c22f835ede8648968e5acdae6ecd5e74

    • SSDEEP

      6144:YpNkhSR/5kHouyXnZhB+h8WHxBV+UdvrEFp7hK+s:YpNkhm/JuyXnPB+h8WHxBjvrEH7Vs

    Score
    8/10
    persistenceupx

    • Modifies AppInit DLL entries

      persistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks