Overview

overview

10

Static

static

3

8bc96c655a...42.exe

windows7-x64

10

8bc96c655a...42.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    8bc96c655a11585bc4b4db87cda3f942

  • Size

    361KB

  • Sample

    240203-jncf8segdn

  • MD5

    8bc96c655a11585bc4b4db87cda3f942

  • SHA1

    9e6e6991db0fe4d31104179fbbb8ac4aa1685af2

  • SHA256

    b3805e9f20934608a5effd673449b584218dabddc033f7da76253611802e0e16

  • SHA512

    0edb0e218a6ad3a507fde4782bd97b22d29345b9c0cd8a0c0bcc686083e2d848e9142d23d55755c0a07fdb41c09085d147b71f8c04532f1cd3fe763b5c8f4d77

  • SSDEEP

    6144:CYJUIr+OXOBaU7iGYiJkaV2OFbC4XEqPTY/U1GvbYG+XtLETkzmo:CYJUZxgU7iGYiJkaC2fPTY/U8vbYj54O

Score
10/10
persistenceupx

Malware Config

Targets

    • Target

      8bc96c655a11585bc4b4db87cda3f942

    • Size

      361KB

    • MD5

      8bc96c655a11585bc4b4db87cda3f942

    • SHA1

      9e6e6991db0fe4d31104179fbbb8ac4aa1685af2

    • SHA256

      b3805e9f20934608a5effd673449b584218dabddc033f7da76253611802e0e16

    • SHA512

      0edb0e218a6ad3a507fde4782bd97b22d29345b9c0cd8a0c0bcc686083e2d848e9142d23d55755c0a07fdb41c09085d147b71f8c04532f1cd3fe763b5c8f4d77

    • SSDEEP

      6144:CYJUIr+OXOBaU7iGYiJkaV2OFbC4XEqPTY/U1GvbYG+XtLETkzmo:CYJUZxgU7iGYiJkaC2fPTY/U8vbYj54O

    Score
    10/10
    persistenceupx

    • Modifies WinLogon for persistence

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks