General

  • Target

    vaultFile7494906008829096493.exe

  • Size

    24.4MB

  • Sample

    240112-k3gj6sdafl

  • MD5

    316213c6c37cd4a79f7391e228871bad

  • SHA1

    112b5f4812e84cf98f476c041a99d462ec183c8f

  • SHA256

    b5c7ccd5354e20fa244581b70a679d0a91f08c3634d09b9a8ffbf130258c30b6

  • SHA512

    6bf74e2c7541c11de05d256779e7160aab8ea773587dd1e5620ec08268972c2eaf666ba89ff15a9be582268ea4e4116902f1869738057981c1c18ffd0ab6b1f3

  • SSDEEP

    393216:OrohOyMjBoiDBsVz3CSwBLwCt+w+SbGgX2ndHeyDvxkJdydJgFqHJT/dT50HoXJa:co/RCSwBLdtySbG5d+YBdJgwZ/x6Is

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

http://officecdn.microsoft.com/pr/492350f6-3a01-4f97-b9c0-c7c6ddf67d60/Office/Data/v32.cab

Targets

    • Target

      vaultFile7494906008829096493.exe

    • Size

      24.4MB

    Score
    10/10
    • Stops running service(s)

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
