General

  • Target

    7870c7e9fa3ca3f265fab7472331d5f0

  • Size

    567KB

  • Sample

    240126-1ce7esgcaj

  • MD5

    7870c7e9fa3ca3f265fab7472331d5f0

  • SHA1

    365876d510080c728745891ec6afc8e84b2ff25d

  • SHA256

    ea531e0665b241ee24c203c10d9257ffde2e54d526402df11e90d3ee36ef90d8

  • SHA512

    6a4f20844022c356e7a7a19b7e482332fc3812d621b531365ca3da733865af05cb66e6d52329af3b4f43d5571f04f8b3dbe006a18f1a13cd3daefa1036dbe729

  • SSDEEP

    12288:gOiYeZJys73dOvXDpNjNe8LOKYeZJys73dOvXDpNjNe8/4:5eZJ8NI8SeZJ8NI8/4

Score
10/10

Targets

    Score
    10/10

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
