Overview

overview

8

Static

static

1

b931cedeec...ab.exe

windows7-x64

8

b931cedeec...ab.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    b931cedeec28f429dc4b1ea6b1926db694072eb97de58736ee65b5758b39a5ab

  • Size

    2.7MB

  • Sample

    240109-ycz6gsaee8

  • MD5

    af12569d810108c8e0cc9942c00d9cc3

  • SHA1

    daa0f91d9c20c57b8da86fdc529c89370fd29256

  • SHA256

    b931cedeec28f429dc4b1ea6b1926db694072eb97de58736ee65b5758b39a5ab

  • SHA512

    27cd428bb100e49dd91dfaf31da9c874836aecad1b97b4db8accca508d1d4fac19b62777c484feb4ca40622b1a34579310b862b9ff632372db936c22de2e232d

  • SSDEEP

    49152:Flks4A6lVLX6Sc60KNUFFIIsTp69FlNN7boUvH6u//zHuwhXPwMQ9i9ZMW/KMZKq:/n6r6+0KUFIIsTY9Fl/7boUi+iwZPwMJ

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      b931cedeec28f429dc4b1ea6b1926db694072eb97de58736ee65b5758b39a5ab

    • Size

      2.7MB

    • MD5

      af12569d810108c8e0cc9942c00d9cc3

    • SHA1

      daa0f91d9c20c57b8da86fdc529c89370fd29256

    • SHA256

      b931cedeec28f429dc4b1ea6b1926db694072eb97de58736ee65b5758b39a5ab

    • SHA512

      27cd428bb100e49dd91dfaf31da9c874836aecad1b97b4db8accca508d1d4fac19b62777c484feb4ca40622b1a34579310b862b9ff632372db936c22de2e232d

    • SSDEEP

      49152:Flks4A6lVLX6Sc60KNUFFIIsTp69FlNN7boUvH6u//zHuwhXPwMQ9i9ZMW/KMZKq:/n6r6+0KUFIIsTY9Fl/7boUi+iwZPwMJ

    Score
    8/10
    persistenceupx

    • Modifies AppInit DLL entries

      persistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks