Overview

overview

8

Static

static

7

ad5506da92...97.exe

windows7-x64

8

ad5506da92...97.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    ad5506da925421a263308d7b7b887a97

  • Size

    14KB

  • Sample

    240229-bpenzsab87

  • MD5

    ad5506da925421a263308d7b7b887a97

  • SHA1

    b725209074fd5047c58ca3347193afbeb85613ca

  • SHA256

    bb41f9e84292d978613d0ac9e31dad663371b595109320ee77d794235260590a

  • SHA512

    d247e6dd78db7d74a20a047dc489ef3c94736b5a247eb90f449e28db8136d9766ff8f8cc32ce8fa36d023b1a9df04e41a5cffc947b4ec680de44d1995f0d5b68

  • SSDEEP

    384:9boTzbzAr2n/cmGDrKpronsY00UAmK84Ge9:9bo/Hf1pronsYKF

Score
8/10
persistenceupx

Malware Config

Targets

    • Target

      ad5506da925421a263308d7b7b887a97

    • Size

      14KB

    • MD5

      ad5506da925421a263308d7b7b887a97

    • SHA1

      b725209074fd5047c58ca3347193afbeb85613ca

    • SHA256

      bb41f9e84292d978613d0ac9e31dad663371b595109320ee77d794235260590a

    • SHA512

      d247e6dd78db7d74a20a047dc489ef3c94736b5a247eb90f449e28db8136d9766ff8f8cc32ce8fa36d023b1a9df04e41a5cffc947b4ec680de44d1995f0d5b68

    • SSDEEP

      384:9boTzbzAr2n/cmGDrKpronsY00UAmK84Ge9:9bo/Hf1pronsYKF

    Score
    8/10
    persistenceupx

    • Modifies AppInit DLL entries

      persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks